Behavior 'Baseline' Used To Beat Malware

Register now

LOS ALTOS, Calif. — A solution that creates a behavior "baseline" for members has been found to be effective in battling the online threat presented by malware.

The concept behind malware, the cyber-term for malicious software, isn't new, and online crime rings continue to introduce new means of installing it in consumers' computers.

"This malware steals credentials and allows criminals to gain access and steal money," noted Terry Austin, CEO of Guardian Analytics, which provides fraud prevention for the online channel to 40 financial institutions, including 16 credit unions. "They can set up bill pay accounts to companies they control, and they also use wire transfers."

To combat this mushrooming threat, Austin said CUs need to put protections in place and monitor their members' behavior to detect fraud. This must be done in a manner that does not inconvenience the member, he advised, as some methods are effective but they are not practical or convenient.

"We track and monitor everything people do during online banking transactions to spot suspicious activity and help a credit union stop that activity before any money is transferred," he said of the company's service.

The solution employed by Guardian Analytics works in several stages, Austin explained. At the server level the company has in place a fully-staffed, hosted solution. These GA employees examine all information about members using online banking and create a unique profile for each person. This establishes a baseline as to how each member typically uses online banking, so when a fraudulent user does something different the company can spot it.

"We can detect the fraudulent access before they can steal money, either by the location, time of day, different browser, or even the activities," he said. "Cyber-criminals are constantly innovating and coming up with new techniques to steal money. Because we focus on the legitimate user and their behavior, we feel we are ahead of the usual cat-and-mouse nature of other security solutions out there because we are able to respond to any type of threat."

New Threat: 'Man In The Browser'

One new online fraud threat that has emerged in the last year is known as "Man in the Browser," which Austin described as an advanced malware that allows criminals to appear as if they are logging in from the victim's computer.

"Because we are looking at the totality of the user's behavior, we are able to spot that. We had to make some adjustments, such as putting less emphasis on the IP address or the machine, and putting more emphasis on type of activity."

Cyber criminals continue to reinvest in new innovations and, Austin noted, "There is no sign of them stopping because they are so successful in taking money out. Many are overseas, so there is little risk of being arrested."

For reprint and licensing requests for this article, click here.