Aite Group: Cybercrime, Malware Dominate Online Fraud Threats
A new Aite Group report says cybercrime and malware are the top online fraud threats financial institutions face today and they’ll continue to top the list of threats over the next two to three years.
Of the 32 North American financial institutions interviewed for the report, “Online Fraud Mitigation: Tools of the Trade,” 56% said cybercrime and malware are the most powerful instigators of online fraud.
Meanwhile, 52% of the institutions also listed cybercrime and malware as the most significant online fraud threats to emerge over the next two to three years.
Mobile fraud is also a notable threat – 26% of respondents listed it as the type of fraud that will cause the most pain over the next two to three years, the Boston-based research firm said.
Aite Group Senior Analyst Julie Conroy McNelley, who authored the report, said credit unions must realize that implementing a robust fraud prevention strategy, though it may come with a steep price tag, is a critical move given today’s threats.
“The report highlights the fact that no institution is exempt from the threat landscape,” McNelley said. “It’s important, not just from a compliance standpoint but from a loss mitigation perspective, for credit unions to have a good understanding of the threats out there.
“The challenge for credit unions will be making the business case to deploy the technology it takes to keep pace with the bad guys. They’ll need to take the long view for the business and realize that with just one big corporate account takeover, the institution can be wiped out. So the risks are significant.”
Aite Group also found that financial institutions are combining multiple fraud mitigation strategies into a layered approach to combat fraud.
Respondents rated behavior analytics, in which institutions monitor user sessions or web navigation techniques to pinpoint suspicious activities, and out-of-band authentication, a strategy that involves communication through a channel outside of the one being used to access the banking application, as two of the most effective strategies.