"Organizations are putting in layers of security and tools to safeguard information and assets, however, the fraudsters are attacking our weakest link, the consumer," says Anthony Vitale of Patelco Credit Union.
RSA Chief Executive Art Coviello challenged a widespread belief that cybersecurity awareness could curb cyberthreats: "There's no amount of consumer education to make them smart enough to resist attacks. They're just too sophisticated."
Successful wire fraud attacks cause losses averaging between $100,000 to 200,000 per victim. So, it's not surprising that banks are being sued by business customers for alleged failures to prevent fraud via ACH.
International communication and public-private partnerships are the keys to cybersecurity in the financial space, according to the Department of Homeland Security and the Financial Services - Information Sharing and Analysis Center.
"What banks need to be aware of is that much of this fraud is occurring on the consumer and business-customer side, and not all of them will invest in technology that catches these attacks," says Phil Blank of Javelin Strategy & Research.
In an ironic twist, a new phishing scheme, purporting to be from the Federal Deposit Insurance Corp., actually claims to offer assistance with ACH and wire fraud, but instead delivers malware that could enable fraud.
Doug Johnson of the ABA and FS-ISAC says banks and commercial customers are improving efforts to catch and thwart incidents of corporate account takeover, a sign that the industry is moving in a positive payments direction.
Many disaster-related attacks are personal and direct, perpetrated through a phone call. But some take traditional routes, such as e-mail, while more are taking emerging routes, like text messages to mobile devices.