- It’s imperative that organizations take measures to protect themselves against cybercrimes.
- To be effective, fraud prevention needs to be constant, comprehensive and always evolving.
- SVB offers several tools that can help you set a fraud prevention strategy.
With fraud losses typically totaling around 5% of an organization’s annual revenue, vigilance, awareness and basic fraud prevention are imperative to financial survival. Here’s what you need to know about the latest threats and practical advice on how to protect yourself and your business interests.
The latest threats
Attacks involving ransomware, the malicious software that blocks a computer user’s access to data until a payment is made, continue to pose a significant threat to organizations. A Financial Trend Analysis release from the Financial Crimes Enforcement Network (FinCEN) reports that there were almost 1,500 ransomware incidents filed totaling nearly $1.2 billion in 2021 — a 188% increase over 2020, when ransomware incidents totaled $416 million.1 Digital supply chains are particularly at risk for ransomware attacks (see more below).
Smishing, a form of phishing that utilizes SMS text messages rather than the traditional method of email, is also on the rise. Smishing texts typically consist of an urgent message from what appears to be a trusted person or company. The recipients are directed to a fraudulent site where they are prompted to reveal private credentials or, alternatively, to download a rogue application that compromises their smartphone’s security.
Fraudulent QR codes directing people to a website where their information and/or funds are stolen is yet another threat. With the growing use of digital banking, mobile wallets and online payments, QR code manipulation has become a particularly pernicious threat as it preys on our desire to perform tasks as quickly and efficiently as possible.
Ransomware and digital supply chain considerations
Digital supply chains are exposed to the greatest degree of ransomware risk when vendor oversight is weak or nonexistent. Bad actors posing as third- or fourth-party supply chain vendors can readily access key data when not properly vetted or monitored.
Gartner predicts that by 2025, 45% of organizations will have experienced attacks on their digital supply chains — a threefold increase from 2021.2 As a result, security and risk management leaders are increasingly spearheading initiatives to help minimize exposure. Consequently, the adoption of vendor risk management monitoring services is expected to grow by almost 15% each year until 2026.3
Practical steps to help protect your organization
To be effective, fraud prevention needs to be constant, comprehensive and always evolving. Despite the growing prevalence of cybercrime, individuals and businesses have ample opportunity to protect their finances and data. Consider these key prevention tips:
Think long-term: Develop a multi-year strategy, working with outside agencies specializing in cybercrime, third-party risk, legal/compliance and data governance.
Take a 360-degree view: By looking at threats holistically, your organization can better detect and prevent fraud in many forms — external, internal, consumers, vendors and more.
Have a plan: A comprehensive incident management response plan can include communication, education, training, risk ratings, impact analysis and reporting protocols with external and internal fraud and risk partners.
Scrutinize and validate: Bad actors take advantage of the compromised judgment organizations exercise when under pressure or moving quickly. Always scrutinize “urgent” requests and validate that “trusted parties” requesting sensitive data or changes to bank instructions are who they say they are.
Helpful tools and resources
Below are tools and resources available from SVB that you can leverage to help protect your organization from cybercrime.
Learn best practices
Visit the SVB Fraud Prevention Center for insights and articles on fraud trends.
Educate yourself on Business Email Compromise
View the Business Email Compromise training video to understand one of the most common fraud threats to businesses today.
Many insurers (such as Vouch4) provide policies that cover cyberattacks.
Conduct a cybersecurity assessment
To help ensure you are meeting your security needs, consider hiring a cybersecurity expert to perform a thorough assessment of your potential exposure to cybercrimes.
To be effective, fraud prevention needs to be constant, comprehensive and always evolving. Periodically refer to this presentation from SVB’s Cyber Fraud event to stay on top of threats.
1 See FinCEN Financial Trend Analysis “Ransomware in Bank Secrecy Act Data Between January 2021 and June 2021”, 15 Oct. 2021, https://www.fincen.gov/sites/default/files/2021-10/Financial%20Trend%20Analysis_Ransomware%20 508%20FINAL.pdf.
2 See Gartner, “7 Top Trends in Cybersecurity for 2022.” https://www.gartner.com/en/articles/7-top-trends-in-cybersecurity-for-2022
3 See MordorIntelligence, “Vendor Risk Management Market -Growth, Trends, COVID-19 Impact, and Forecasts (2023-2028).” https://www.mordorintelligence.com/industry-reports/vendor-risk-management-market#:~:text=The%20market%20for%20vendor%20risk,period%20(2021%2D2026)
4 Terms and conditions apply. Offers subject to change without notice. Provider companies offering discounted tools and services are independent third parties and not affiliated with SVB Financial Group.