Cybercrime is not a new word for most people. However, the tactics fraudsters use to scam customers are ever evolving and new. As our lives are becoming more integrated with the digital world than ever before, fraudsters too have been busy finding new ways to defraud customers by gaining access to their accounts or personal data. One such fraud attack vector which has increased in the last couple of years is occurring with the use of Remote Access Technologies.
Remote Access Technology refers to the usage of online access tools to connect to, access and operate devices remotely. Remote access tools such as TeamViewer and Android VNC Viewer are common and serve a useful purpose in helping users overcome technical issues. When used properly, these tools are extremely valuable, allowing a trained representative of an organisation to help a user resolve an issue. However, when applied nefariously, these online tools can be employed to gain access to the customer’s device, often bypassing security measures that are in place to protect customers in the process.
According to the UK Finance Report 2021, impersonation scams saw the biggest increase of any type with volumes almost doubling in 2020. Remote access scams are impersonation attacks that have been on the rise with little customer awareness.
In a remote access scam, fraudsters often phone the customers and identify themselves as representatives from an IT department of a bank, internet service provider or utility company claiming to help fix a problem they detected on the user’s device. They then convince the customer to download and install remote access applications on their laptop, PC, or mobile device. Once the fraudster gains control of the device, they can assume the digital identity of the customer without physically possessing the device.
Using this access, fraudsters have the ability to conduct a number of different activities including, but not limited to, stealing the customer’s personal data, passwords, financial information, installing unwanted, and potentially malicious software (malware), all of which can result in a direct financial loss to the customer. In such circumstances, customers typically turn to the business the fraudster was purporting to be for the issue to be dealt with. This creates a large burden for the organisation to investigate, evaluate and in many cases re-imburse the losses to the customers.
What makes this type of attack difficult to detect is that a user’s login credentials, IP address, device fingerprint, and other digital metadata (browser versions, OS version etc.) are the same. Such elements are usually unique to the customer attempting to interact with a business’ digital channel.
These signals, which are collected when the customer starts using the app, are valuable indicators for a business in identifying a trusted customer. When these signals historically match what a business is expecting for a known ‘trusted’ user they are likely to approve interactions more readily, require less invasive step-up events, and overall enable a more friction-free experience for the customer. Conversely, when these digital signals are missing, a more risk averse approach is often taken.
Merchants have constantly put in efforts to increase awareness of various types of cyber scams and how customers need to be alert in averting them. Along with this, companies should also constantly strive to implement stronger, intelligent security measures in their digital channels which can help prevent such attacks from happening in the first instance. As noted by the Experian report for 2021, 60% of consumers in the UK reported that they want businesses to implement strong, invisible security measures.
Accertify’s InMobile product has the capability not only to detect malware, crimeware, and the integrity of the user’s device but also has the capability to detect if a remote access application may be active while there is a phone call in progress. By detecting whether a remote access application is active, businesses can take decisive action to protect their customers that are more vulnerable to this type of attack.
About Accertify
Accertify is a leading provider of fraud prevention, digital identity, device intelligence, chargeback management, and payment gateway solutions to customers spanning diverse industries worldwide.
For further information on Accertify’s products and services please visit: https://www.accertify.com/products/
_______________________________________________________________
Authors:
Niveditha Sunki, Accertify
James Palmer, Accertify
For more information about SOTER visit the project website and follow us on Twitter and LinkedIn.