There is so much personally identifiable information available on the dark web that fraudsters shop the bargain bin for card data but are willing to pay more for complete profiles.
"Legitimate businesses are not the only ones undergoing a digital transformation," John Buzzard, industry fraud specialist for Rancho Cucamonga, Calif.-based CO-OP Financial Services, said. He observed the largest amassing of worldwide PII data took place from 2013-2015, according to Forbes. "Not only is the data ripe for picking, it is sitting there sometimes unprotected."
Buzzard suggested credit unions and card issuers must continually provide the cautionary tale to staff and consumers in terms of protecting member data. "We want to emphasize to credit unions they can be stronger and more secure."
Recommended For You
Gartner forecasted 20.4 billion connected devices globally by 2020 and Forbes estimated some 1.7 megabytes of new information created every second for every human on the planet by 2020.
"Criminals are out there adopting how they can usurp those pieces of information," Buzzard warned. "It is far worse than people realize." He observed criminals exploited for profit virtually every technological milestone involving some form of financial value from phone cards in the 1980s to home equity loans and online credentials in the late 2000s.
The biggest shift more recently is toward stolen data aggregation. Buzzard said, "Criminals tend to pay more for complete sets of PII and less for single payment card info." He pointed out there is just so much stolen card data in the wild, the fraud market is oversaturated. "The more you have it the cheaper it is."
The $1.44 billion Indianapolis-based Elements Financial Federal Credit Union, part of the Co-Op Network, in the past year made a demonstrated commitment to educate employees and members about cyberthreats such as data breaches and phishing attacks.
For employees, the credit union utilizes a monthly phishing test, online learning, and the ongoing sharing of the latest cybersecurity alerts and news at meetings, the intranet, emails and Yammer.
"What we are doing, and continue to do, is test our employees monthly to protect against social engineering," Chris Sibila, EVP, payments and technology at Elements Financial.
Elements' utilizes a phishing security test from Tampa Bay, Fla. cybersecurity firm KnowBe4. "They have a nice tool that lets you queue up varying types of social engineering tests that you send through email," Sibila explained.
Read the full article in the Aug. 23 edition of CUTimes.
© Touchpoint Markets, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more inforrmation visit Asset & Logo Licensing.
Roy Urrico
Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).
