A new report from the SWIFT global transaction network says the world’s financial community faces evolving threats from cyber-criminals committing fraudulent transactions across the system.
The study was carried out over the past 15 months and discovered that cyber attackers have developed new and more dangerous methods to infiltrate financial organisations and client accounts. Also, 80 percent of all fraudulent transactions went to beneficiary accounts in South East Asia, while 70 percent were in US dollars, and an increase in European currencies was also detected.
In an interesting twist, the value of individual attempted fraudulent transactions dropped significantly, from more than USD10 million to between USD250,000 and USD2 million. Experts say it is just one way cyber criminals are seeking to raise less suspicion.
The SWIFT report also outlined how attackers are known to quietly operate in the background after penetrating a targeted financial institution. They may study transaction patterns of financial institutions and customers for weeks or months in order to exploit security weaknesses.
The digital attacks had previously favoured attempting fraudulent transactions outside of business hours but have more recently tried to carry out their thefts during business hours to blend in with legitimate transfers.
Another development is that fraudulent payments have been arriving from new payment pathways. Most illegal transactions investigated during the past 15 months came from payment systems not used at all in the previous two years.
Brett Lancaster, SWIFT’s Head of Customer Security, said: “These cases show how SWIFT solutions, including our Daily Validation Reports tool, our Payment Controls Service and the gpi stop and recall facility can all have real, positive impact. They also evidence the importance of implementing security controls and of understanding and mitigating against cyber risks presented by counterparties.”
We would like to hear any feedback or suggestions you have – either on this content, or on what you would like to see us produce going forward.
Plus – we want to hear about your news and any interesting developments at your firm.
Please email firstname.lastname@example.org