How to stop sophisticated attacks during COVID with behavioral technologies

Financial institutions (FIs) were being hit by sophisticated attacks… and then COVID happened. In March, one U.S. bank alone experienced almost 750K takeover attempts.

In 2019, 7,098 data breaches exposed over 15 billion user credentials, according to Risk Based Security, then skyrocketed to 8.4 billion users exposed in Q1 2020 – a 273% increase compared to Q1 2019. The stolen personally identifiable information (PII) is now available on the dark web for schemes such as account takeovers and credential stuffing attacks.

Most risk and fraud departments are familiar with these login threats, such as an automated script that tests a set of username and password combinations against a login interface to see which ones gain access to an account. The login attempts occur rapidly and often have obvious giveaways: they reuse the same IP address over and over or don’t even load the JavaScript on a page or app.

These are common schemes that all financial institutions experience. However, a new breed of refined attacks is growing into a dangerous threat to all banks operating online. This wave of attacks tricks most bot-detection tools into thinking they are human users instead of scripts by mimicking human behaviors, such as a slower typing speed, or other sophisticated techniques.

In a time when users increasingly rely on online services – and attacks are evolving – financial institutions have greater pressure to differentiate their good users from bad actors. Many FIs are benefiting from behavioral and passive biometrics tools that help businesses detect sophisticated attacks and protect customers.

Increased traffic during COVID-19 lockdowns

According to NuData analysts, customers interact with an average of three devices: a work computer, a home computer, and a mobile device. But they’ve noticed that during movement restrictions, there are significant behavioral changes taking place. Good users are logging in more often, creating new accounts, and making an unusual number of money transfers.

It is important to incorporate these variations into a machine learning model to maintain user verification accuracy. Static security tools that don’t look at user changes or lack machine learning capabilities can mistakenly flag behavioral deviations as fraud and block legitimate login or money transfer attempts. Organizations need tools that help them discern changing customer behavior to avoid false declines while mitigating fraudulent traffic.

Our eBook, Attacks are more sophisticated during COVID times – How to tell them apart with behavioral technologies, explores this delicate balance. With a threefold increase in sophisticated attacks in 2019, bad actors are focusing on quality attacks, investing more time in developing their scripts than deploying volume-driven basic attacks.

A close up of a map

Description automatically generated

Aggregated high-risk traffic divided into sophisticated and basic attacks. Source: NuData

Within the NuData Trust Consortium, we constantly see sophisticated attacks attempting to access our clients’ environments. Some of these attack vectors go on for months before they realize they can’t permeate the security barrier and suddenly stop. Once they disappear from one platform, they often move on to another one hoping for better luck. As attack vectors move from platform to platform, financial institutions need to ensure their security will block the threat until it moves on – and the next one comes in.

How to mitigate these attacks

To mitigate these sophisticated attacks, companies need technologies that can look at traffic beyond static parameters such as location, IP, or attack velocity. While many business approaches focus on building more security barriers, these can block good users, too. A security approach with an invisible barrier can protect the good user’s experience and only makes itself perceptible to risky traffic.

Behavioral and passive biometrics tools enhance the collection of data for every event assessment and build a holistic view to discern if it is made by a human or bot without blocking legitimate customers. These technologies help financial institutions mitigate sophisticated threats targeting their environments, including credential stuffing, account takeover, and money-transfer fraud.

Download the eBook to learn more about how these sophisticated attacks work, and how behavioral and passive biometrics are adapting to stop them.But before you go….

How one major bank stopped 750K sophisticated attacks

In March of 2020, a large U.S. bank was targeted by a slow but sophisticated attack vector that lasted weeks, with nearly 750K account takeover attempts. This sophisticated attack was hybrid, combining automation and human-driven work. When NuData flagged each event as a bot and triggered a challenge, the attacking script rerouted the request to a human worker to solve it. We stopped 99.6 percent of those attempts.

Read more about stopping account takeover attacks during COVID times in the eBook.

Related to this post Yes, shoppers are going digital during COVID; but is your user experience keeping up?


Sign Up for Our Newsletter