Fraud Prevention Part 2 of 2: Developing a High-Impact Fraud Protection Program

In the second of two blog postings on fraud prevention, Jack reviews ways to develop a high-impact fraud protection program.

A high-impact fraud program starts with an understanding of the evolving cybercrime landscape. We covered this in our earlier blog posting.

Sophisticated techniques to evade detection

Crime 3 160x157Today’s cybercriminals use a host obfuscation techniques to evade detection which  makes it extremely difficult to identify the many elements needed to investigate  cyber-attacks. Techniques include geographic IP address blocking and browser language detection. A cybercriminal will often create phishing attacks targeting a certain region, and combine this with methods of blocking all attempts to analyze the threat from areas outside of the target region or in different languages. For example, an attack on French-speaking regions in the Caribbean will block all non-French language browsers that are not located in the region.  This increases the challenge of detecting and taking down the phishing sites.

Be on your guard

Professional Social Media sites like LinkedIn contain a treasure trove of data about an organization and employees. Fraudsters create fake professional profiles to connect with legitimate users and they can then easily deliver fraudulent direct messages. Threat actors are using internal distribution lists to deliver malicious attachments. HR personnel frequently need to open .pdf attachments to review resumes, which leaves them open to downloading malware.

What can you do externally?

Get help! Don’t try and solve the problem in isolation. An anti-fraud service provider such as MarkMonitor has extensive industry expertise and is equipped for quick mitigation of online fraud problems. They can help you monitor the web for lookalike domain registrations. Utilize Fraudcasting services to block consumer access to the malicious website. Finally, an anti-fraud service provider can quickly disable fraud email address or phishing and malicious websites.

What can you do internally?

Block emails from new domains for a specified period of time. It’s reasonable to expect that legitimate new domain registrations will not be trading or communicating with your company within the first 3-5 days of registration. By blocking these recently -registered domains you’ll ensure that customized email scams will not get through if they are utilizing a new lookalike domain name.

Aggressively and persistently educate employees. Empower employees to feel confident in their understanding and make smart decisions regarding their inbox. Help them to understand which emails to trust and which should be treated with skepticism.

Understand why you are a target and what you can do to make your company harder to target. Where are your weaknesses? Where are your losses coming from? Knowing those weak areas allows you to focus on making your company a harder target, one that is less valuable to fraudsters.

Preparation is key

The one sure thing about cybercrime is not if it will happen to you, but when it will happen. It’s important to fully prepare. Everyone in your organization needs to be ready, including those in HR, Payroll and Accounts Payable. Have fraud processes identified before the firefighting starts. Good email skepticism on the part of your employees isn’t about reducing trust but all about increasing education and awareness. Empowered employees make better decisions.

Ask yourself: Is your organization ready?

To access a recording of a recent webinar where this topic is discussed in more detail click here.