Krishna Vishnubhotla from Zimperium Highlights Differences Between Mobile Banking Fraud and Related Scams

Krishna Vishnubhotla at Zimperium, a provider of mobile security, highlights crucial differences between mobile banking fraud and mobile banking scams.

The convenience of managing our finances on the go has streamlined the way we handle our money. We live in an era where mobile has become the digital channel of choice for banking and where we use our smartphones for nearly all our financial transactions. However, as with any technological innovation, mobile banking also comes with its fair share of risks, particularly in the form of fraud and scams.

Outseer reported that 59% of fraudulent banking transactions were initiated via mobile banking apps in 2022. Additionally, recent research from Zimperium discovered that traditional banking apps accounted for 61% of the apps targeted by 29 specific banking trojans in 2023, while emerging fintech and trading apps accounted for the other 39%.

Understanding the nuances between fraud and scams in the mobile banking sector is vital for CISOs, finance, and security professionals. It is critical for protecting customer assets and safeguarding institutional integrity.

In the face of an increasing attack surface for the financial industry and rapidly evolving threats, Krishna Vishnubhotla, VP of Product Strategy at Zimperium, explains the key differences between fraud and scams in the context of mobile banking. Vishnubhotla also discusses the repercussions institutions can face as well as how finance and security professionals can aim to prevent and address these types of attacks.

Vishnubhotla is a seasoned professional in the SaaS industry, specializing in catalyzing startup growth through adept product and marketing strategies. With a keen focus on mobile application security products, he has a proven track record in defining and executing product visions that drive significant revenue growth. In addition to managing a global customer success portfolio, he established high-value strategic partnerships. His leadership skills extend to spearheading revenue generation efforts, serving a diverse clientele across multiple industries.

Our conversation with Krishna is shared below.

Crowdfund Insider: So, what exactly are the key differences between mobile banking fraud vs. scams?

Krishna Vishnubhotla: Mobile banking fraud is illegal and unauthorized activities conducted through mobile banking applications. Much like online fraud, mobile banking fraud involves cybercriminals employing methods like hacking, malware, or phishing attacks to obtain a user’s confidential login information — including passwords, personal ID numbers, and token codes — and to gain access to accounts and improperly transfer money or commit other fraudulent acts. Some clear signs of mobile banking fraud include unexplained account transactions, login attempts from unknown locations, or unauthorized changes to account information.

On the other hand, mobile banking scams often take advantage of users’ confidence in their banking applications and the ease of mobile transactions. These schemes usually involve tricking individuals into unknowingly participating in dishonest transactions through social engineering tactics like phishing, vishing, or smishing, which manipulate users into revealing sensitive information or transferring money voluntarily.

Given the increasing reliance on mobile banking, these types of attacks have become a significant concern for financial institutions and their customers.

Crowdfund Insider: What are the repercussions for victims and institutions that are associated with these cybercriminal tactics?

Krishna Vishnubhotla: The dangers posed by fraud and scams within the realm of mobile banking are significant. While financial losses may be the most obvious outcome, there are other greater consequences to consider as well for both customers and financial institutions.

For the Customer 

As mentioned, financial loss is one of the more commonly known risks customers can face in the event of a fraud or scam incident. Financial loss can occur when unauthorized transactions are made without a customer’s knowledge to drain funds from their accounts. Identity theft is another common tactic used by scammers who steal users’ credentials to commit fraud, such as opening new accounts or obtaining credit in the victim’s name. Additionally, fraudulent activities can impact a victim’s credit score, which can lead to difficulties with obtaining any future loans or mortgages.

For Financial Institutions

Maintaining a good reputation is crucial for financial institutions, and incidents involving fraud or scams can not only quickly erode consumer trust but also lead to a loss of credibility overall. Even more so, restoring trust and reputation after a security breach can be a very complex and costly process for most organizations.

In addition to reputational damage, failing to protect customers’ data can put financial institutions at risk of regulatory penalties and legal implications. Banks, for example, are required to adhere to strict regulations concerning customer data protection and financial security such as the Payment Card Industry Data Security Standard (PCI DSS). By not complying with such standards, institutions can face sanctions and hefty fines due to regulatory scrutiny.

Mobile banking fraud and scam incidents can also cause operational disruptions for financial institutions. Responding to and recovering from these types of incidents requires significant time and resources for items such as investigation, customer support, and implementing corrective measures. This, altogether, can divert resources away from other essential functions and projects and cause a decline in productivity.

Crowdfund Insider: How can finance and security professionals best safeguard their institutions and customers against bad actors?

Krishna Vishnubhotla: Mobile banking offers a wealth of convenience, but it’s crucial to stay alert and take steps to safeguard ourselves from potential threats. This requires a collaborative effort between both customers and their financial institutions.

Empowering customers through education: Financial institutions should regularly inform customers about the latest fraud tactics and scams. Utilizing bulletins, emails, and even short in-app notifications can keep customers informed.

Building a secure fortress with multi-layered security: Banks should utilize robust security measures like multi-factor authentication (MFA) which requires an extra verification step beyond just your password. Additionally, implementing data encryption and continuous monitoring can help to safeguard sensitive information as well as identify irregular transactions or suspicious activity quickly.

Investing in cutting-edge technology: Financial institutions should continuously invest in building strong and secure mobile banking apps. Choosing security solutions that can adapt and keep up with the evolving mobile threat landscape is critical for sustained effectiveness. Emphasizing the need for solutions integrating AI and autonomous updates is critical in staying ahead of sophisticated threats, like banking trojans and zero-day exploits. This approach enables proactive defense mechanisms, continuous monitoring, and immediate response to threats without manual intervention to keep security up-to-date.

Swift action against threats: If and when a customer suspects suspicious activity in their account, it’s crucial they report it to their bank immediately. Banks should have a system in place in order to swiftly investigate and address such reports, and should be ready to collaborate with law enforcement to track down perpetrators.

Unfortunately, the financial industry’s battle against fraud and scams is ongoing. By working together, financial institutions and their customers can ensure mobile banking remains a safe and reliable way to manage finances. When institutions prioritize education, invest in robust technology, and implement effective policies, mobile banking becomes a secure cornerstone of modern financial activities, offering both ease of use and peace of mind for both the institution and its customers.


