Combatting phishing attacks

Cases of phishing attacks and hackers attacking customers’ email and bank accounts are occurring on a regular basis. In October CIFAS, the UK’s fraud prevention service, reported nearly 60,000 identity fraud attacks this year, an increase of 36 per cent compared to the first nine months of 2008. Phishing attacks can be a big contributor to identity fraud so banks are increasingly looking for ways to reduce fraudulent activity through tools such as IP Intelligence which monitor transactions based on customers’ IP addresses, thereby establishing patterns in their online banking behaviour and preventing fraud as it occurs.

One bank that has used IP intelligence to detect and prevent losses associated with fraudulent activities is National Australia Bank (NAB). NAB’s customers were targeted by fraudsters so the bank introduced a number of measures including a robust two-factor authentication service that complemented its IP intelligence fraud detection. Consequently, NAB was able to cut its internet banking losses by approximately 99 per cent compared with the same time in the previous year.

By establishing customer and geographic based IP patterns using real-time monitoring techniques, NAB was able to identify a significant portion of compromised accounts before funds had even been withdrawn. This method together with two-factor authentication tools enabled the bank to pick up virtually all internet banking fraud.

The research by Trusteer shows that phishing is an ongoing threat that adds to the £1.2 billion annual identity theft cost to the UK. Banks need to ensure they are protecting their customers as far as possible by adopting the necessary technology to combat phishing attacks and reduce fraud risk exposure.