As guardians of valuable monetary assets and highly sensitive data, financial institutions are the perfect target for cybercriminals. According to IBM, the financial services sector was the number one target of cyberattacks in 2020 among all industries. This means these organizations continue to be challenged and invest heavily in both people and technology to make sure they can withstand attacks of any type.

Mastercard is one of the world’s top payment processing platforms, with more than 700 million cards in use worldwide. In the US, nearly 40% of American adults hold a Mastercard-branded card. And the company is going from strength to strength; despite a dip in valuation of more than a third when the pandemic hit, the company has doubled in value three times in the last nine years, recently reaching a market capitalization of more than $350B dollars.

Protecting your applications from abuse of functionality requires understanding which application features and workflows may be misused as well as the ability to quickly identify potential threats to your services. This visibility is particularly critical in cases where an adversary finds and exploits a vulnerability—such as inadequate authentication controls—to commit fraud.

With web applications and public APIs becoming increasingly important to how organizations interface with their customers and partners, many are turning to dedicated tools that can help protect these assets.

Countless phishing attempts are made every day, and with Covid-19 causing many organisations to move to remote working, phishing attacks have massively increased over the last year. In fact, last year’s Phishing and Fraud Report found that phishing incidents rose 220% during the height of the global pandemic compared to the yearly average.

In May 2020, Kroll was contacted by a purveyor of high-end meats after receiving several customer complaints of potentially fraudulent credit card activity. The fraud allegations were raised after several customers observed unauthorized transactions on their credit cards shortly after placing orders through the purveyor’s e-commerce website. Kroll quickly assigned one of their seasoned Payment Card Industry (PCI) forensics investigators to review and investigate the matter.

Having closed brick-and-mortar operations on March 16, 2020 for safety reasons, the nearly overnight shift to a purely e-commerce revenue model brought uncertainty. However, a rapid uptick in online sales provided a sense of relief, albeit short-lived. Our client became concerned when a closer look at the online transactions revealed an unusually large volume of electronic gift card purchases made using their private label credit card.

According to the Association of Certified Fraud Examiners, the money lost by businesses to fraudsters amounts to over $3.5 trillion each year. The ACFE's 2016 Report to the Nations on Occupational Fraud and Abuse states that proactive data monitoring and analysis is among the most effective anti-fraud controls.

Fraud comes in different forms, from client-facing credit card fraud to internal fraudsters twisting the loan portfolio. Banks (and other financial institutions) need to stay vigilant and act fast to prevent the loss of both money and reputation that follows each fraudulent incident. Fraud is expensive, but fraud prevention, detection and remediation can also be costly.