Five Steps to Counter Current Fraud Trends Baird Holm LLP COUNSELOR’S CORNER Fraud continues to cause problems for banks and their customers. Some of the most troublesome scams have been causing issues for years, while others are new or have a new twist. The following discussion reviews some of the current fraud trends and offers concrete steps financial institutions can take to protect themselves and their customers. 1. Require Multi-Factor Authentication Most security relies on sensitive data being secured with a username (often an email address) and a password. When ransomware groups exfiltrate usernames, passwords and other data and post it on the dark web, this information can be harvested and used by hacking groups to target financial accounts with credential stuffing attacks. With the sheer amount of information on the dark web, usernames and passwords aren’t hard to find. Attackers may obtain further information via social media to provide help desks or answer password reset questions, including details such as someone’s first school, first pet or the last four digits of their Social Security number. Multi-factor authentication (MFA) provides an extra layer of protection for sensitive data beyond login credentials and security questions. The National Institute of Science and Technology (NIST) defines MFA as: An authentication system that requires more than one distinct authentication factor for successful authentication. Multi-factor authentication can be performed using a multi-factor authenticator or a combination of authenticators that provide different factors. The three authentication factors are: something you know, something you have, and something you are.1 It is worth noting that not all forms of MFA offer the same level of security. MFA delivered via SMS text message or email is convenient, but less secure than 18 NEBRASKA BANKER
RkJQdWJsaXNoZXIy MTg3NDExNQ==