As we move through Fraud Awareness Week, it is important for organisations and consumers to remain on one's guard.The commentary from Matt Aldridge, Principal Solutions Consultant at OpenText Cybersecurity discussing the techniques leveraged by threat actors to commit fraud, and providing insight to businesses and consumers on how to stay safe.
"Fraud Awareness Week should serve as a stark reminder for businesses and consumers to remain vigilant. Fraud is an ongoing challenge for organisations - as the breadth, quantity and quality of cyber attacks continue to escalate. For the first time since 2017, there has been a steep rise in infection rates for both business and consumer devices this year. OpenText Cybersecurity Threat Perspective 2024 report observed growth in infection rates in North America, Europe, Africa and Australasia from 2022 to 2023.
As cybercriminals evolve, there are a myriad of techniques available at their disposal, the most effective and pervasive of these are the various flavours of phishing attacks, but these are often just the first stage of a broad scheme designed to rapidly extract funds from a target. Other key tactics and techniques include business email compromise (BEC) attacks - which in general are the most profitable of all attack types. BEC attacks continue to grow, and are now even being boosted by the use of deepfake and other AI-powered technologies to greatly increase success rates.
Online marketplaces and e-commerce are of course far from immune to abuse, and attacks against these continue to grow and evolve, including fraudulent listings, payment scams, counterfeit goods, account takeovers and fraudulent chargebacks.
For businesses, the most important approach to defend against these fraudulent attacks is to spread awareness within the organisation, to upskill and empower all workers to identify attacks at the earliest possible stage. Beyond this, it is critical that inbound communications are thoroughly screened before being presented to users, be they emails, SMS, or even old school postal and fax communications - all of these are open to abuse, and users must increasingly expect to be socially engineered by phone calls, voicemails and even video calls.
For consumers, baseline precautions for all to follow are: keep your systems up to date with the latest patches and OS versions and use unique, secure passwords which have been generated within a password manager. Additionally, when possible, switch to passkey or token-based authentication instead of passwords, and always enable multi-factor authentication!"