The Industry Speaks: Fraud Prevention Week 2024

This week is International Fraud Prevention Week, and this year the Commonwealth Fraud Prevention Centre is working with the theme of collaboration.

So Cyber Daily has collaborated with some industry experts to talk about the scale of the threat of scams and fraud, how scammers are growing increasingly sophisticated, and what businesses can do to protect themselves, their data, and their customers.

Patrick Harding
Chief Architect at Ping Identity

As our world becomes increasingly digital, fraud continues to grow at an alarming rate – putting businesses and individuals at risk of losing hard-earned dollars and valuable data. With AI, it’s never been easier for cyber-criminals to create fake identities, send phishing emails, forge documents, and even impersonate individuals with tools like voice cloning and deepfakes. In fact, 36 per cent of people reported that they experienced identity fraud, with financial fraud (18 per cent), account takeover (nine per cent), and impersonation (eight per cent) being the most common.

This International Fraud Awareness Week, both businesses and individuals must stay one step ahead of bad actors by using security solutions with built-in prevention, detection, and real-time threat response. By focusing on identity risks and remaining vigilant, we can spot fraud earlier and stop cyber criminals before the damage has already been done.

Peter Philipp
General Manager, ANZ, at Neo4j

Combatting money laundering rings is all about finding connections, and modern technologies are helping to piece these connections together – although some technologies are better than others. Knowledge graph technology, supported by a graph database, is well-suited for anti-money laundering work because its key aim is to uncover hidden patterns and relationships in data.

In simple terms, it focuses on ‘nodes’ and ‘relationships’, which means any number of qualitative or quantitative properties can be assigned to describe complex patterns coherently and descriptively. Graph databases place as much emphasis on the relationships between data points as the data itself, meaning that entities such as ‘person,’ ‘account,’ ‘company,’ and ‘address,’ along with their connections to one another, like ‘registered at’ or ‘transacted with,’ then reveal complex connections. With this richer context, banks can compare a single entity, such as a business or a person, against other similar data entries to identify potential deviations from the norm.

VIEW ALL

Real-time analysis that uncovers data patterns is the only effective way to keep one step ahead of the criminal networks and their money movements. Armed with graph database software and AI, the banking and finance sector can take on the money launderers and win.

Carla Roncato
Vice President of Identity at WatchGuard Technologies

While external risks such as cyber scams, ransomware, and identity theft are frequently headline news, insider risks can be difficult to detect and equally damaging for organisations. Insider risks can be intentional, such as data theft or sabotage by disgruntled employees, or unintentional, such as accidental data leaks or policy violations.

Employees, contractors, and suppliers with insider access can compromise or bypass information security controls to let in bad actors for profit, exploit privileges in financial and procurement systems to conduct fraud for financial gain and enact (intentional or unintentional) exfiltration of customer data and intellectual property to sell across dark web data marketplaces.

Les Williamson
Regional Director Australia and New Zealand at Check Point Software Technologies

As cyber fraud grows in sophistication, Australian business defences must evolve accordingly. With AI enhancing the reach and impact of fraud, organisations across all industries should adopt security that is equally dynamic, leveraging AI-powered solutions to outpace and outsmart attackers. Building a resilient cyber defence not only prevents fraud but fosters a safer, more trusted environment for Australian businesses and consumers.

In an era where technology is both a tool and a threat, businesses of all sizes must remain vigilant, adaptive, and informed. With a proactive approach to cyber security, Australia can build a resilient front against fraud, safeguarding financial stability, reputation, and customer trust.

An insider risk management program focuses on areas including:

• Company policy guidelines with clear, established definitions of acceptable use of company resources, data handling, and consequences for violations.
• Least-privilege, role-based access controls to ensure employees only have the minimum access to least the information necessary for their job functions,
• Monitoring and detection capabilities such as user activity monitoring of unusual behaviour that could indicate a potential insider threat and behavioural analytics using machine learning to identify patterns that deviate from baselines and norms.
• Incident response plan with specific steps to take when an insider threat is detected along with the ability to conduct forensic investigations to understand the scope and impact of an incident.

Finally, culture and training promote transparency and trust where employees are comfortable reporting suspicious activities along with training that provides a clear understanding of the potential consequences of insider fraud and risk activities.

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.