Industries

DEEP WEB & SOCIAL MEDIA CYBER THREAT INTELLIGENCE

Banks and Financial institutions (FIs) handle some of the most valuable and comprehensive information to cyber criminals, from account details, credit card data,sensitive personally identifiable information (PII) and access to capital.

Sophisticated cyber attacks primarily target banks and FIs for this reason and attacks are often orchestrated causing it to be persistent, elaborate and very damaging to the organization. The end game varies - with the attackers’ objective to obtain financial gain from sale of information, to cause reputation damage and gain personal pride from “taking down a big FI”, or to extort from victims of leaked data.

BFSI is estimated to account for 21.8% market share in the year 2016. The BFSI sector is expected to witness strong growth in the threat intelligence market. Rising threat intelligence spending within the sector in its response to the growing cyber-crime and internal breaches. Moreover, the frequency of attacks in the banking sector is increasing with a need to develop a strong security posture.

Advancements in the banking industry such as e-banking, mobile banking, and ATM are expected to increase security vulnerabilities. Furthermore, increased compliance and regulations fuel the demand for threat intelligence services.

Reduce Financial Fraud Costs and Protect Customer Data

Scan the clear, deep and dark web as well as social media for data leaks of BINs, account numbers, SWIFT codes, and various financial scams to identify and mitigate fraud campaigns at the source.

In the case of credit card fraud, chargebacks given by the banks and FIs reduce profitability. Even a one-time data leak will lead to erosion of trust between the client and your organization and drives them away to your competitors who have stronger security and risk-mitigation plans.

Most of the risk-management occurs when the customer realizes they have been compromised, this may show up as an unknown charge on their credit card, a series of spam calls from scammers or from unknown transactions on their bank statements. Remedial actions are often cumbersome and time-consuming. It is also very challenging to trace and locate threat actors without the use of NexVision. NexVision functions as a real-time and predictive intelligence monitoring tool - it can give you alerts of leaked personal information like credit card details, even before they have been used.

NexVision sends you automatic alerts on key assets such as your executives, key people, sensitive systems, products, supply chain, cloud provider and cyber data such as  IP ranges and domain names. 

Know Your Client (KYC) Compliance

KYC means Know Your Customer and sometimes Know Your Client. KYC or KYC check is the mandatory process of identifying and verifying the identity of the client when opening an account and periodically over time. In other words, banks must make sure that their clients are genuinely who they claim to be.

KYC procedures defined by banks involve all the necessary actions to make sure their customers are real, assess, and monitor risks. These processes help prevent and identify money laundering, terrorism financing, and other illegal corruption schemes. KYC process includes ID card verification, face verification, document verification such as utility bills as proof of address, and biometric verification. Banks must comply with KYC regulations and anti-money laundering regulations to limit fraud. KYC compliance responsibility rests with the banks.

In case of failure to comply, heavy penalties can be applied. “Banks are now carrying out more enquires related to KYC (Know Your Customer) and finding out the sources of their clients’ wealth – especially those with over SG$10 million (US$7.3 million). “These increases in compliance activities were happening as it is, but without 1MDB, they would have happened at a slower pace,” he added.

In the U.S., Europe, the Middle East, and the Asia Pacific, a cumulated USD26 billion in fines have been levied for non-compliance with AML, KYC, and sanctions-fines in the past ten years (2008-2018) - let alone the reputational damage done that has not been measured. To find out more of the clients’ wealth sources, banks rely on NexVision to do their due-diligence.

Prevent Brand Impersonations

It is becoming increasingly common for threat actors to pose as bank employees and contact customers to provide personal details like pin numbers, or to make dubious transactions. New and more sophisticated social engineering schemes and fraud tactics (including love scams) are developed daily and facing brand impersonation, banks and FIs have to utilize reliable threat intelligence to defend against the onslaught of threats that damage its brand and hurts its bottom line. NexVision scans through social media, private and public chat rooms as well as the clear and dark web to identify instances of impersonation and fraud, and sends you alerts, including details of the attacker and even the region where they are from, allowing you to alert your customers and protect yourself in real-time.

 

Expand Information-Resource Pool And Provide Parameters For Contextualization

Threat intelligence is often limited to the database resource that is employed. Many threat intelligence softwares have limited databases that do not capture enough, or relevant information. NexVision gives complete access to the clear, deep and dark web and is the only real-time solution that is constantly expanding - our software uncovers more than 120,000 new Tor sites a day.  Our machines provide unparalleled capability for ultimate threat detection, instead of relying on humans which often return false negatives. From threat identification, to processing data forms, analysis and prioritizing threats, our softwares does this automatically in real-time.

We help users to narrow the search with parameters so that you capture the most relevant information. For example, early identification of leaked credit card details of clients can allow you to block the card and prevent losses. This allows prioritized responses and allows security teams of all sizes and resource-capability to act on the most crucial threats targeting their customers, networks and infrastructure. Our team has 15 years of digital forensics expertise and can help you to make sense of the data and suggest threat-mitigation plans.

Example of stolen bank information. 

Market Manipulation and Insider Dealing

Market manipulation occurs when a person deliberately spreads false information about facts material to the audit, or omits certain information subject to mandatory reporting requirements, thus influencing the market price by deception. These are prevalent in the financial services and banking industry.

NexVision uncover suspicious financial activity and sends alerts - reducing investigation time by up to 90%. For example, leaked and shared financial details and statements can be recovered in real-time and its paper trail can be detected. Parameters can be expanded to key employees and their family members etc.

Office