BEC and RAT Attacks Continue to Underline the Importance of Behavioral Biometrics

BioCatch is warning about the dangers of corporate fraud in the wake of the FBI’s 2018 Internet Crime Report. The company specifically highlighted the threat of Business Email Compromise (BEC) attacks and Remote Access Trojan (RAT) attacks in a new blog post, both of which can be mitigated with the help of behavioral biometrics. 

Of the two, BEC attacks were far more common, and attempt to take advantage of a business’s human element. In a BEC attack, a fraudster will spoof the email address of an executive to try to coerce unauthorized payments from lower-level employees. According to the FBI, such attacks accounted for nearly half of all reported cybercrime losses in 2018 ($1.2 billion out of $2.7 billion total), with enterprises receiving an average of 120 malicious emails per quarter.

A RAT attack involves malware that allows a hacker to take over a user’s device. Such attacks are less frequent (eight percent of all observed malware), but the rates have been skyrocketing, doubling every quarter of 2018 after sitting at only 0.04 percent in 2017.

BioCatch presents behavioral biometrics is a potential solution to both problems. During a BEC attack, the fraudster needs to imitate the behavior of an executive. A behavioral biometrics platform is able to spot anomalous activity and flag (and block) fraudulent transactions, as it does in instances of vishing fraud. In the case of RATs, meanwhile, each Trojan has a unique, non-human behavioral pattern that can be identified and then isolated.

Earlier this year, BioCatch warned that corporate treasuries are highly attractive to fraudsters, and the FBI report would seem to reinforce that idea. The company’s behavioral biometrics platform recently became more widely available through the ForgeRock Marketplace.

–

(Originally posted on FindBiometrics)