Unfortunately, the widespread of the Coronavirus is definitely a thing of concern. It is also very bad that Cyber Criminals have also used it as a means of attacking millions of devices all over the world.
It has been discovered that Cyber Criminals sends attachment to millions of people. This attachment comes in form of a Document from Health Centers with topics of “How to prevent the Coronavirus” or updates about the Coronavirus. Once the files are opened, the victims are prone to sensitive information and data are extracted from their device (passwords, bank account details, etc).
For businesses, this malware attack can be very disastrous. It will not only cause the take down of websites and mobile applications but have devastating security, reputation and financial consequences. For banks, attackers can use sensitive information to commit fraud.
So the question now is how can we prevent this havoc from occurring?.
Implement expert rules
An existing security infrastructure should be put in place in both banks and enterprises to avoid attackers from gaining entry. However, it is good to ensure that any security rule that is being put in place be adjusted in the sense that employees or banking customers may need to perform additional authentication process in order to access data.
Banks can also adjust the threshold for any fraud scoring models, allowing more false positives in an attempt to keep fraud at bay.
Adopt a multi-layered approach to security
As an attacker gains access to more sensitive information, the better his chances are at being able to launch a successful breach or phishing attack. For banks and enterprises to be able to defend against this with more efficiency, they need to adopt a multi-layered, dynamic approach to cyber-security is highly recommended.
It is very necessary for organisation to invest in collection of high and quality data that will enable them to make informed decisions on threats and criminal activity.
Although there are quite a number of tools on the market, we’re seeing the emergence of the next generation of intelligent security such as adaptive authentication, which uses AI and machine learning to score vast amounts of data, analyse the risk of a situation, and adapt the authentication levels accordingly.
By combining a range of authentication tools such as multi-factor authentication, behavioral analysis, bio-metrics, and even pulling in data from third party tools, adaptive authentication makes staying ahead of the cyber criminals that little bit easier. Security moves from being a black and white binary story to becoming precise and intelligent – providing the exact level of security as and when it is needed.
Boost mobile security
Attackers are increasingly targeting the mobile platform alongside other channels and Coronavirus-related attacks are proving to be no exception.
They set baits for there victims to download malware and Trojan that can extract sensitive information from their devices without them knowing. In order not to fall victim to this, banks and enterprises need to work on the assumption that every mobile devices are not to be trusted and a hostile environment.
Being dependent on Google or Apple to detect all vulnerability is not totally advisable and doesn’t keep you out of harms way
For instance, to use of mobile in-app protection and app shielding is a good way of ensuring an extra layer of protection.
Implement ML-powered fraud detection systems
It is very crucial for Banks to adopt this technology in order to detect fraud attempt and block it immediately.
Advances in machine learning technology means that fraud detection systems can now process vast amounts of data in real-time such as a user’s transaction history, their location, the device they use, and more. By building up a detailed picture of normal behaviour, the system can then quickly spot abnormal behaviour which may be an attempt at fraud.
Modern risk analytics tools can also detect the likelihood of the HTTP referrer being a phishing page. Rules can then be implemented to determine the appropriate response should a phishing attack be taking place.
Attackers regularly take advantage of spikes in communication or activity to launch attacks. While it shouldn’t take a global pandemic to trigger businesses into action, it’s more important than ever to make sure the right security infrastructure is in place across all channels to keep your business and your customers safe.