Valentine's Day Presents Rising Risk for Financial Institutions

BY KRIS BENGTSON

Valentine's Day is here, and for hackers, this means a host of new opportunities to prey upon victims at their most vulnerable. As Americans across the country search for the perfect gift for their loved one, a rise in Valentine’s targeted attacks is set to await them. Adding to this increased risk, financial services firms are already 300 times as likely as other companies to be targeted by a cyberattack (representing 25% of all cyber attacks) and further, dealing with those attacks and their aftermath carries higher costs for banks and wealth managers than for any other sector. It's common practice for hackers to abuse search keywords and trends associated with holidays and special events for malicious intent. Valentine's Day is no exception to this and statistics show a consistent and significant rise in the number of malicious domain registrations, spoofed sites and phishing emails targeting the “holiday” in the months preceding it. According to research firm Check Point, in 2021 a 29% year over year increase in Valentine's Day themed domain registration was observed in January. Of approximately 23,000 domains, they found that 523 were malicious or suspicious. Also, in 2018 and 2019 Valentine’s Day domain registration increased by over 200% compared to the previous months. This was the largest increase reported in each of those years.

As the overall landscape of Valentine’s Day cyber threats continues to expand, these attacks can take many forms. According to Mimecast Threat Labs, the following are most common:

Phishing attacks in particular pose a major risk to financial institutions as they can be used as a foothold into the network for more sophisticated exploitation. These attacks leverage several techniques into one. They often spoof not only email format, but customer orders/receipts and full web pages with falsified location information in order to fool unsuspecting potential customers. With the rise of ransomware style attacks and APT (Advanced Persistent Threat) these threats can cause significant losses in terms of money, data and reputation to any business.

Spotting these external attacks is only one part of the problem. What is worse is, despite the increased exposure financial institutions face to these risks, many reportedly suffer from a “failure to prioritize cybersecurity”, and those that do prioritize often focus on “prevention over detection and response”, according to Boston Consulting Group. Thus, leaving them potentially unaware of long term exploitation of network assets, with an average of 200 days undetected suggested in one study.

STAY PROTECTED AND STOP THREATS

The key to keeping your bank or credit union protected from cybercrime this Valentine’s Day is to have a complete, integrated cyber solution that encompasses employee training, network testing and monitoring, as well as efficient incident response in the event that there is a breach. While this is easy to say, the costs and specialized knowledge associated with implementing this type of system internally can be prohibitive to small or midsize businesses.

Full scale cyber solutions as a service can be the key to keeping your business protected and your customers secure in the increasingly hostile landscape of the financial services sector. For any questions on how you can keep your business organization safe, reach out to SixGen’s team of experts here.