Connect with us
Finance Digest is a leading online platform for finance and business news, providing insights on banking, finance, technology, investing,trading, insurance, fintech, and more. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.


By Gemma Staite, Lead Threat Analyst, Biocatch

Our daily routines are shifting online, and managing our finances is no exception. The days of visiting a branch for basic banking requirements are long gone, thanks to the prevalence of cashless and contactless payments, internet banking, and buy now, pay later (BNPL) services. Last year alone, 93% of customers used one or more digital payment methods and BNPL services accounted for $100 billion in purchases.

Although the popularity of online banking may make clients’ lives easier, it also increases their vulnerability to be affected by fraud. The concept of the traditional “vulnerable customer” has changed as a result of significant global events and the evolution of scamming tactics. Scammers now have a much wider range of potential victims, finding new victims and taking advantage of the weaknesses of various demographics.

When fraud occurs, it’s one thing to cover a customer’s financial costs, but once consumer trust is broken and they feel that their data is not sufficiently protected, reputational damage can be nearly impossible to mend. Adding yet more layers of security online and to applications can have the unintended consequence of undermining experience and cause users to turn to other providers.

Financial institutions, both established and new, are looking to new methods to protect those vulnerable to attacks, with solutions like behavioural biometrics poised to play a major role in building digital trust and safety.

Cybercriminals: covering all bases 

The methods used by online criminals are always evolving. Although the rollout of two-factor authentication is an important step for online banking on a global level,  scammers are beginning to evade these security measures, degrade them, and develop more cunning methods of contacting their intended victims.

Fraud methods vary depending on the intended victim. For instance, social engineering scams, where victims are emotionally and psychologically manipulated to obtain money or confidential information, have evolved to understand human inclinations and tendencies. These schemes have increased by 57% in 2021 with an average loss of $1,029 per victim, targeting consumers at the exact right moment when they are most vulnerable with the tempt of romance or friendship.

The threats do not stop here, with scammers moving to a multi-layer hybrid model to defraud unsuspecting victims. Often using a mix of smishing or SMS phishing, voice scams, and remote access scams, fraudsters reach thousands of victims in minutes, use bots to intercept one-time passcodes from the victim’s device and slip past bank security controls.

 How the ‘vulnerable customer’ has evolved

In the current economic landscape, cybercriminals are taking advantage of vulnerable and traditionally non-vulnerable individuals. This is driven by four factors – health, life events, resilience, and capability. All factors can shift suddenly and dramatically, and never in our lifetime has this been so apparent as during the pandemic.

Elderly customers remain a primary demographic for fraud, scammed out of an estimated $3 billion a year thanks to their better credit scores, plentiful funds, trusting nature, and lack of tech knowhow. Methods most prevalent in this age group include romance scams, imposter scams, and lottery and sweepstake scams, with 40% of identity theft fraud victims being over 60.

However, Gen Z have become a new target for financial crimes, primarily through social media. Younger customers who value convenience over privacy are increasingly falling prey to so-called ‘mule herders’ that slide into their direct messages, recruiting them into laundering schemes with the lure of quick and easy cash. This method can be very challenging to detect since the scammer does not interact directly with the banking platform and instead convinces the user to perform an action. Mobile malware is also a key feature in Gen Z fraud, with multi-factor authentication intercepted by scammers, hijacking their operating system through fake apps.

Security is paramount for all customers

As Gartner says, don’t treat your customer like a criminal. Customers want convenience, and financial providers should be able to provide the security they need. If you keep putting the onus on the customer to jump through hoops, they’re going to move to a provider that takes the burden of security out of their hands.

Thanks to the dynamic nature of cybercrime, managing fraud risk is a considerable and ever-evolving challenge. As scammers have got smarter, authentication methods have remained stagnant, leaving customers vulnerable to attack. To provide robust protection, financial institutions must recognise the vulnerability of one-time passcodes and knowledge-based authentication and look for solutions that go beyond the device, IP, and network-based attitudes. They must look to user behaviour to catch criminals before they strike.

Behavioural biometrics technology seeks out scammers through how they interact with online platforms, whilst ensuring that customers still have the frictionless banking experience they desire. Working passively in the background of a user web or mobile session, this technology monitors thousands of parameters such as pressure used when typing, how online forms are navigated and whether multiple fields are copied and pasted. For instance, in practice, behavioural biometrics can look for anomalies in digital interactions to reduce the risk of account takeover and identify ‘mule personas’ on social media to seek out potential mule herders. It can also detect potential social engineering scams, looking to typing hesitation and session length as indicators of foul play.

Scammers frequently change their strategies and targets. It has become clear that new solutions are required to protect susceptible customers as hackers are equipped with the technology to trick financial institutions and overcome two-step authentication. The best approach to capture fraudsters is to watch and recognise their online behaviour, whether it’s Gen Z falling for mule herders in their DMs or elderly victims of social engineering scams. Financial institutions can defend their clients from evolving dangers by using behavioural biometric technology to provide seamless yet safe banking.

Continue Reading

Why pay for news and opinions when you can get them for free?

       Subscribe for free now!

By submitting this form, you are consenting to receive marketing emails from: . You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Posts