Cyberthreats to financial institutions in the wake of natural disasters

The recent spate of tropical cyclones, including Hurricanes Helene and Milton, has wreaked havoc on communities, likely leaving them to grapple with the aftermath for months and years to come. While the immediate focus is on rebuilding homes and infrastructure, the impact can also extend to the realm of cybersecurity. The disruption caused by such events creates a fertile ground for cybercriminals to exploit vulnerabilities in financial institutions (FIs), allowing fraudsters to compromise storm victims’ bank accounts and prey on the sympathies of people who want to help.

It breaks our hearts to witness the devastation to the people impacted by the storms. FIs must take steps to ensure these communities are not further victimized.

An FI’s immediate vulnerabilities following a storm are diverse:

• Disrupted infrastructure: Hurricanes can lead to power outages, communication failures, and damage to physical infrastructure. These disruptions can compromise the security of financial institutions' IT systems, making them more susceptible to cyberattacks.
• Increased reliance on digital services: As physical infrastructure is damaged, there is a greater reliance on digital banking and payment services. This increased reliance can make it easier for cybercriminals to target vulnerable individuals and businesses.
• Data breaches: The disruption caused by natural disasters can make it difficult for financial institutions to maintain adequate security measures, increasing the risk of data breaches. If sensitive customer data is compromised, it can lead to identity theft and financial loss.
• Phishing attacks: Fraudsters often capitalize on the chaos and fear created by disasters to launch phishing attacks. These attacks aim to trick individuals into revealing their personal and financial information, which can be used for fraudulent purposes.

In addition to these vulnerabilities that put banking at risk, there are a slew of payment-related scams that put customers and FIs at risk. Many of these scams put authorized push payment (APP) fraud front and center.

• Phishing emails: Fraudsters send emails posing as legitimate organizations, such as government agencies, insurance companies, or utility companies, requesting donations or payments for disaster relief efforts. Customers may use ACH transfers or card payments to send payments to these fake organizations. Phishing emails can also contain malicious links or attachments that can infect devices with malware to steal personal information.
• Fake charity scams: Fraudsters create fake charities to solicit donations for disaster relief. They may use misleading websites or social media accounts to deceive individuals into believing they are contributing to a legitimate cause. The impact of these scams extends nationally and even globally as people around the world want to help and send payments to these illegitimate charities.
• Disaster relief grants: Fraudsters may offer to help individuals apply for disaster relief grants or loans. They may charge upfront fees or ask for personal information that can be used for identity theft. Not only are they delaying these suffering victims from applying for legitimate relief, once the scammers have their personal data, they can open bank accounts, take out loans and cause collateral damage to the already devastated storm victim.
• Price gouging: Fraudsters may charge exorbitant prices for essential goods and services in the aftermath of a disaster. They may also sell counterfeit or low-quality products.

Most FIs have already put many of these measures in place.

• Emergency preparedness plans: Financial institutions should have comprehensive emergency preparedness plans in place to address the potential security risks associated with natural disasters. These plans should include procedures for safeguarding sensitive data, maintaining operational continuity, and responding to cyberattacks. Their fraud prevention partners should be a part of that plan, ensuring that they will not be the weak link in the financial institution’s security posture during and after a disaster.
• Employee training and awareness: Educating employees about the risks of cybercrime and providing them with the necessary tools and training to identify and report suspicious activity is crucial. This can help prevent fraud from occurring in the first place.
• Customer communication: Open and transparent communication with customers is essential before, during, and after a disaster. If you don’t start educating them before the disaster, they are likely to be too consumed with recovery efforts to recognize the signals of fraud. Financial institutions should provide clear guidance on a regular basis with information about how to protect their personal and financial information and report any suspicious activity.
• Enhanced security measures: Implementing advanced security technologies can help protect financial institutions and their customers from cyber threats. This includes using encryption, firewalls, intrusion detection systems, and modern methods of multi-factor authentication (MFA).

Our business at Entersekt is focused on that last category, "enhanced security measures," so I’d like to expand on that. If your primary authentication methods rely on passwords and OTPs, the emergency preparedness plan is a disaster waiting to happen. Fraudsters probably already regard your organization as a target, and the hurricane aftermath makes you target number one. There have been so many advances in technology for frictionless and customer-preferred challenge methods that are a quantum leap more secure and user friendly than antiquated passwords and OTPs.

Plus, there are risk engines that can help identify both when an imposter is attempting to hijack your customer’s account and a mule account that your legit customer is naively trying to push a payment to under false pretenses. You must find a partner who invests in making sure your authentication strategy is always advancing, and always keeping pace with fraudster innovation.

It is important to acknowledge that these should not be static plans. The must be continuously updated to adopt the latest technologies and anticipate the emerging fraud trends. Fraudsters are relentless pioneers, so financial institutions must align with partners who are equally innovative, proactive, and relentless. By anticipating and addressing these vulnerabilities and implementing robust security measures, financial institutions can help protect their customers and minimize the financial impact of cybercrime in the aftermath of natural disasters.

We can all play a part in helping these people and communities recover. Let’s make sure we are not playing a part in adding to their distress.