Online account takeover occurs when an unauthorized party gains access to an existing bank account by stealing the access credentials and is followed almost invariably by the illegal movements of funds. In today's increasingly connected world, the growth in connectivity, convenience, speed, technology adoption, and payment options allows people and businesses to conduct online financial activities more easily and efficiently. Consequently, fraudsters have developed the means to take advantage of this burgeoning attack surface through the increased use of smartphones to access the internet, malicious malware, socially engineered account takeovers, and other means. As we become more connected, attacks are becoming more sophisticated.
Learn how to defend yourself in this rapidly evolving digital world. Register for this round-table discussion and learn first-hand from M&T Bank, Aite Group and RSA Silver Tail:
The global economic impact of account takeover in the next five years
The most effective way to respond to Man-in-the-Middle and other account takeover attacks
How financial institutions are detecting customers from criminals with leading edge technology solutions
The total number of Account Takeover attempts reported by financial institutions has more than tripled since 2009, according to the Financial Services Information Sharing and Analysis Center. Moreover, global losses from account takeover are expected to reach $794 million by 2016. Not only are incidents of account takeover are on the rise; they are also increasing in frequency and scope.
Anatomy of an attack
Thieves steal online banking credentials to access a customer's account and conduct unauthorized transactions, change contact information and gather information on the account's history to commit other crimes. Cyber thieves target employees and businesses of all sizes through phishing and socially engineered attacks with the goal of enticing them to download and spread malware that will allow unauthorized access to financial accounts and other sensitive information.
A complete solution set requires a multi-layered approach that prioritizes behavioral analytics, authentication and anomaly detection. Additionally, financial institutions must protect themselves by investing in the right technology, developing a plan to remediate threats, and also educating their clients about the risks associated with account takeover.
Julie Conroy, Research Director at Aite Group
Matthew Speare, SVP, Information Security at M&T Bank
Jason Sloderbeck, Director of Product Management at RSA Silver Tail
As Research Director of Aite Group's Retail Banking & Payments team, Julie covers fraud and authentication issues. She has more than a decade of product management experience working with banks, payment processors, and risk management companies, including a number of years leading the product team at Early Warning Services. Julie is fluent in Spanish, holds an M.A. from the Monterey Institute of International Studies and a B.A. from the Michigan State University Honors College.
VP, Security and Service Delivery, Positive Networks
Sloderbeck has been in the security industry for over 15 years. He started out running a dial-up ISP and quickly moved on to building companies that provided Cloud-based security services like remote access, two-factor authentication, and web filtering and anti-malware. Most recently, he ran Cisco's Cloud Web Security product line after Cisco Systems acquired ScanSafe in 2009. He left Cisco late 2011 to join Silver Tail Systems, Part of RSA, as Director of Product Management.
Executive Vice President & Enterprise CIO, Regions Bank
Speare joined Regions in 2013 and serves as the head of governance and integration. Regions is a top U.S. bank-holding company headquartered in Birmingham, Ala., with $117 billion in assets, operating approximately 1,700 banking offices in 16 states. In this role, Speare has responsibility for information security; check, ATM/debit, and credit card fraud operations; and systems integration for consumer, business and commercial banking groups. Prior to assuming his current role in 2013, Speare was the chief technology officer for M&T Bank, an $82 billion financial institution based out of Buffalo, N.Y.