In a survey of 230 banks and credit unions conducted by the Information Security Media Group, only 23% of respondents learn of fraud through their own auditing processes. This response indicates that better fraud detection is needed before it affects the customers, the survey noted.
The survey also found that 82% of banks experienced credit card and/or debit card fraud. At the same time, new online fraud schemes, such as phishing and vishing, are on the rise. Almost half of respondents said they had experienced phishing and vishing (social engineering that exploits VoIP to obtain financial information).
Despite the growing incidents of online fraud schemes, only 32% of banks said they felt prepared to prevent online bank fraud.
In the fast-paced online world, 55% of respondents said they still use manual reports to detect fraud. “It isn’t necessarily that institutions don’t have information systems in place to derive relevant data – often they do. The challenge is that they have no systems or processes to share and analyze this data across the organizational silos or impacted channels”, the survey observed.
Most banks said the best way to fight fraud is through employee and customer education and awareness programs. However, around 70% of respondents said that their employee and customer education and awareness programs need improvement. In addition, 14% of institutions said they did not have a customer education and awareness program.
For 2011, a majority of banks said they intend to invest in authentication technologies; 44% said they plan to invest in intrusion prevent technologies. Other security areas that banks plan to invest in next year are fraud case management systems, end-to-end encryption, and neural net fraud detection technologies.