Neha Anand, VP & Head – Cyber at Prudent Insurance Brokers:
Ravi Lalwani: Given the massive shift towards mobile, what kinds of cyber frauds have increased the most?
Neha Anand: Consumers are nowadays relying completely on their mobile phones for their day-to-day activities, be it for banking, online shopping, etc. The downside to this is the ramping up of cyber frauds. There are cases wherein cyber criminals have impersonated policemen and manipulated individuals into paying huge amounts to avoid getting arrested, saying that certain materials been seized in their names. There cases of UPI frauds wherein customers are getting duped by cyber criminals assuring them of refunds or cashback offers. Another recent example is consumers getting phone calls stating that their credit card is due for expiration and hence require the customer to share the last 4 digits of the credit card or debit cards along with the OTP. Cyber criminals have been targeting the older population who are not tech savvy and easily fall prey to such situations.
What kinds of data points have proven to be the most useful in detecting cyber fraud?
From a customer standpoint, it is very important that a customer regularly keeps a tab on their transaction history. This allows them to be mindful of any suspicious transactions taking place in their account. The banking sector focuses on strengthening the digital services being provided to customers. Today, banks are not only keeping a tab on the customer transactions and preferences journey, but are also immediately notifying customers on suspicious transactions taking place in the account on real-time basis. It’s the entire customer journey mapping that is helping in protecting and preventing online frauds.
How are hackers targeting the WFH employees? How are financial organizations securing such employees effectively?
Pre-covid19, employees worked in a safe corporate setting. The shift to remote work made it more difficult to maintain security procedures. Maintaining a clear security perimeter became challenging as IT security teams had to adjust to a decentralized work organization. Employees’ home wi-fi networks frequently lacked strong security, leaving them vulnerable to online attacks. Hackers have used phishing attacks, which can trick employees into clicking on harmful links, to take advantage of remote work disadvantages. These connections have the potential to install malware or launch ransomware attacks, encrypting confidential company information and interfering with business operations.
Considering all of this, numerous financial institutions have implemented VPNs to improve security protocols. This ensures data integrity and confidentiality by establishing more secure, encrypted connections between staff members and corporate networks. Employees can now use several verification methods to validate their identities due to the introduction of multi-factor authentication. Role-based access is also provided to employees through the identity and access management architecture.
Employers are now urging staff members to save data on centralized cloud services as opposed to local devices to reduce the possibility of data loss in the event of a cyber-attack and to ensure data backup. Frequent training sessions are planned to teach staff members about secure password management, phishing threats, and the best ways to handle private data. Importantly, in order to safeguard transactions and private information, employees and consumers should visit banking websites via secure Hypertext Transfer Protocols (HTTPS).
How can an organization ensure that its protection systems are up to date against emerging patterns of phishing and malware? Do you have to change solutions more frequently these days compared to earlier years?
With constant technological upgradation, companies are using digital solutions extensively to improve customer satisfaction, expedite processes, and enable real-time transactions like loan disbursement applications. Even with these developments, cybersecurity risks like ransomware, malware, and phishing are still developing. It is imperative for businesses to guarantee that security and business-enabling technologies are deployed in tandem, rather than separately, to effectively protect against these new risks. Any strategy for digital transformation should include security as a fundamental component, not an afterthought.
Businesses must also implement cutting-edge cybersecurity solutions and AI capabilities to anticipate, identify, and eliminate all cyberthreats beforehand. Security software, firewalls, antivirus programs, and other devices should all receive regular updates. Besides the use of multi-factor authentication, it is also important to consider how employees should react in the case of a security breach.
Cyber insurance policies offer both individuals and businesses financial protection against damages brought on by identity theft, cyber fraud, and other online crimes. A larger audience should be given cybersecurity education since digital financial services are becoming more and more prevalent in rural and small communities. Governments and financial institutions should work together to inform people on how to prevent fraud and what to do in the event of digital theft.
Recent Articles:
Propelld: 29% women borrowers, of whom 40% are NTC
