On 23 July 2024, UK FB published blog on device takeover fraud.
- UK FB issued blog article entitled "Device takeover fraud: A cheat code for fraudsters, A rising threat for financial institutions", focusing on new type of fraud on the rise in UK.
Device Takeover Fraud
- Device takeover, or DTO fraud, involves a fraudster gaining unauthorized access to a user's device and executing a fraudulent transaction from the user's device itself.
- The fraud can therefore evade traditional detection and location signals.
- Fraudsters can use mobile malware to take over user devices, including by use of malware masquerading as legitimate apps, and phishing or smishing campaigns.
- Data shows number of mobile malware families targeting UK institutions has risen by 94% in past 3 years; such malware can steal credentials and execute transactions remotely.
- Legitimate remote access tools (RATs) also used, with fraudsters socially engineering victims into downloading these, under guise of being support from customer's bank.
- Once victim gives away control of device, fraudster can capture credentials, make transactions.
- Physical theft of device also continues to be effective method of device takeover.
DTO Fraud Detection
- Forward-looking financial institutions have effectively countered rising threat of DTO fraud through detections in digital channels to find malware, remote access tools etc.
- Can then block high-risk transactions in real time before funds leave customer account.
- Investing in threat intelligence capabilities to proactively understand latest techniques to take over devices, and consumer awareness campaigns warning users of risks.
Conclusion
- As anti-fraud controls mature for popular fraud methods, fraudsters are pivoting to other tactics, such as DTO fraud, that are harder to detect with existing controls.
- Firms can perform look-back exercises to understand potential size of DTO exposure of their institution in past 12 months; better data gives better understanding of problem.