Banks preventing ATO attacks by understanding DNA

As we discussed in our last post, account takeover (ATO) attacks can take on a life of their own. Decoding the DNA of an ATO attack is the first step in fighting back. 

If a fraudster successfully gains access to an online bank or merchant account that does not belong to them they can commit even more fraud using the targeted consumer’s data and personally identifiable information (PII). Fraudsters can reuse a victim’s ID, or parts of their real ID to create synthetic identities to open new bank accounts at different financial institutions or request new credit cards or loans in the account holder’s name.

Banks can either react to or prevent an ATO attack. If they are reacting, then the fraudster’s ATO attack has been successful, and the fallout can take a significant toll on a financial institution’s reputation and undermine consumer trust in the organization. And let’s not forget about the considerable financial stress that bank customers could endure as they attempt to sort through the fraud-related damage to their accounts and credit history. 

Armed with this understanding of ATO DNA, here’s what banks can do to prevent future attacks.

Tip 1. Know Your Legitimate Customers’ DNA Profile

Prevention is a much more effective strategy than reaction when it comes to ATOs. Understanding the DNA of an ATO attack should be the first central component of a bank’s fraud detection strategy. The second is to decode the financial DNA of their legitimate customers: developing a profile of each customer and their normal behaviors.

Building a DNA profile of legitimate customers relies on banks and businesses drawing on several different customer-generated data points to get a holistic view of normal behavior. These data points can include biometric actions – such as how they move their mouse, type on a keyboard, or hold a mobile device. They can also include behavioral data – what time of day a customer usually logs into their account, the mobile devices and networks they typically use, how much time they spend on a site or online platform, and how they typically transact. 

Malware detection can also identify precursors to ATO attacks like keylogging, phishing or Remote Access Trojans. All are examples of why fraud prevention should begin at the moment of login to stop any potential ATOs and future fraud attempts.

This knowledge of typical customer behavior lets banks recognize an ATO attempt in progress when an account suddenly starts to behave differently. Signals such as an unfamiliar mobile device, an unusually high rate of failed login attempts, a change to the default language setting, login attempts from a new geographical location, or the detection of malware can alert a bank that the account is seeing unusual activity or an active attack, and is at high risk of an ATO. Knowing when unusual events are occurring is the first step in preventing them and in triggering the proper response, so that customers are not manipulated into compromising their session or revealing their credentials.

Tip 2. Educate your customers

Teaching customers how ATO attacks succeed can be an important step in preventing future attacks. Fraudsters need access to legitimate customers’ personally identifiable information to commit ATO attacks. Banks and businesses should raise awareness of fraud tactics such as phishing via fake websites and SMS scams that trick customers into revealing their personal details. Consumers should also be encouraged to use strong passwords and change them regularly.

Tip 3. Promote good digital hygiene

Teaching customers about how their everyday online habits can reveal personal information can also go a long way toward ATO prevention. Banks can warn customers that some mobile gaming apps that they download can carry risks for their privacy, especially if they carry some type of malware. Fraudsters can also use customers’ social media profiles to build fake profiles and attempt to pass themselves off as legitimate users.

Tip 4. Invest in layered security

Banks can thwart ATO attempts if they have effective safeguards in place. This can include two-factor authentication and biometric measures to access bank accounts or to authorize specific types of transactions. The more layers of security, the harder it gets for fraudsters to succeed in their account takeover efforts. But too much authentication can also cause customer friction. That’s why banks should verify their customers at every interaction, checking that nothing has changed between the previous interaction and the current one. This ensures only good users are interacting with the system and will continue to be allowed to transact.
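The behavioral-baseline signals from Tip 1 (unfamiliar device, new geolocation, language change, failed-login rate, malware detection) and the risk-based layering from Tip 4 (step-up authentication only when something has changed) fit together naturally as a small risk-scoring step at login. The following Python is an added illustration, not code from the original post or from any vendor product: the customer profile, login events, signal weights and thresholds are all constructed assumptions chosen to show the mechanism, and a real deployment would learn weights from historical fraud data rather than hard-code them.

```python
"""Illustrative ATO risk scoring at login (added example, not vendor code).

A legitimate customer's "DNA profile" is compared against the current login.
Each deviation adds weight to a risk score; the score selects one of three
responses: allow, step up (e.g. second factor), or block and investigate.
All weights, thresholds and sample data below are constructed assumptions.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class CustomerProfile:
    """Baseline behavior built from a customer's normal, verified sessions."""
    customer_id: str
    known_devices: frozenset          # device fingerprints seen before
    usual_countries: frozenset        # countries the customer logs in from
    usual_login_hours: range          # local hours the customer is normally active
    language: str                     # default UI language on the account
    typical_failed_logins: int        # failed attempts usually seen before success


@dataclass(frozen=True)
class LoginEvent:
    """Observations collected at the moment of a single login attempt."""
    customer_id: str
    device_id: str
    country: str
    hour: int
    language: str
    failed_attempts_before_success: int
    malware_detected: bool            # e.g. RAT / keylogger indicator from client telemetry


# Assumed weights: malware alone is enough to block; a single unfamiliar
# device or location warrants step-up but not a block.
WEIGHTS = {
    "unfamiliar_device": 30,
    "new_geolocation": 30,
    "unusual_hour": 10,
    "language_changed": 15,
    "excessive_failed_logins": 20,
    "malware_detected": 70,
}
STEP_UP_THRESHOLD = 25
BLOCK_THRESHOLD = 70


def score_login(profile: CustomerProfile, event: LoginEvent) -> tuple[int, list[str]]:
    """Return (risk_score, triggered_signals) for one login against its baseline."""
    if event.customer_id != profile.customer_id:
        raise ValueError("event does not belong to this profile")
    signals: list[str] = []
    if event.device_id not in profile.known_devices:
        signals.append("unfamiliar_device")
    if event.country not in profile.usual_countries:
        signals.append("new_geolocation")
    if event.hour not in profile.usual_login_hours:
        signals.append("unusual_hour")
    if event.language != profile.language:
        signals.append("language_changed")
    # Allow a small margin over the customer's own typical failure count.
    if event.failed_attempts_before_success > profile.typical_failed_logins + 3:
        signals.append("excessive_failed_logins")
    if event.malware_detected:
        signals.append("malware_detected")
    return sum(WEIGHTS[s] for s in signals), signals


def decide(score: int) -> str:
    """Map a risk score to the layered response: allow, step_up, or block."""
    if score >= BLOCK_THRESHOLD:
        return "block"
    if score >= STEP_UP_THRESHOLD:
        return "step_up"
    return "allow"


def evaluate(profile: CustomerProfile, event: LoginEvent) -> dict:
    score, signals = score_login(profile, event)
    return {"score": score, "signals": signals, "action": decide(score)}


# Constructed sample baseline and events (not real customer data).
PROFILE = CustomerProfile(
    customer_id="cust-0001",
    known_devices=frozenset({"dev-laptop-a", "dev-phone-b"}),
    usual_countries=frozenset({"US"}),
    usual_login_hours=range(7, 23),
    language="en",
    typical_failed_logins=1,
)

NORMAL = LoginEvent("cust-0001", "dev-phone-b", "US", 9, "en", 0, False)
NEW_DEVICE_ABROAD = LoginEvent("cust-0001", "dev-unknown-x", "BR", 10, "en", 1, False)
MALWARE_ON_NEW_DEVICE = LoginEvent("cust-0001", "dev-unknown-y", "US", 3, "en", 6, True)

if __name__ == "__main__":
    for ev in (NORMAL, NEW_DEVICE_ABROAD, MALWARE_ON_NEW_DEVICE):
        print(ev.device_id, evaluate(PROFILE, ev))
```

The design point is the one Tip 4 makes: the customer is re-verified at every login, but friction (a second factor) is only introduced when the current interaction differs from the baseline, and an outright block is reserved for signals that by themselves indicate compromise. In production the device list, countries and failure rate would be refreshed from each verified session so the profile tracks legitimate changes in the customer's habits.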

Key Takeaways

Account takeovers are one of the most persistent types of fraud because they enable even more fraud. If left unchecked, ATO can take on a life of its own. The key is to stop this type of fraud before it can reach the transaction stage. Stopping this fraud in its tracks begins with decoding its DNA and building an understanding of a legitimate bank customer’s financial DNA.

Download our eBook, Decoding Account Takeover Fraud’s DNA, to learn how banks can stop ATO attacks in their tracks without interrupting the customer journey.