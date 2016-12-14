Fraud, particularly cyberfraud, remains a huge concern for corporate finance executives. A recent survey conducted by TD Bank found that treasury and finance executives expect payment fraud and cybersecurity threats to be their top challenges for 2017; these threats were cited by 34% of the survey’s respondents.

The news earlier this year that the Bangladesh central bank was hit by a cyberheist totaling $81 million illustrated the potential cost of such frauds. And in June, the FBI reported that losses from just one type of fraud, business email compromise scams, had risen by 1,300% since January 2015.

With business email compromise (BEC) scams, fraudsters gather information about a company and its executives, either on social media or by penetrating the company’s systems. Then they use that information to trick employees into sending them a payment.

For example, cybercriminals might send an email that seems to be from the company’s CFO and orders an employee in corporate treasury to wire a payment to an account controlled by the criminals. Or they might pretend to be one of the company’s suppliers and ask an accounts payable clerk to change the supplier’s bank account information so future payments go to the scammers instead of the supplier.

According to the FBI’s June report, 14,032 U.S. companies, ranging from small businesses to large corporates, were victims of BEC scams between October 2013 and May 2015, and their losses totaled more than $960 million.

BEC “is a huge problem,” said Shirley Inscoe, a senior analyst at Aite Group. “Banks are seeing lots of attacks on their customers.”

Recently Guardian Analytics, which provides financial institutions with software to detect business email compromise and other cyberfrauds, rolled out similar software for corporates. The Guardian Analytics product Sentinel uses behavioral analytics and machine learning to sniff out fraudulent activity. The software is designed for companies’ supplier portals, which suppliers use to submit invoices and maintain their contact and bank account information.

Such B2B portals are Web-based, and Guardian Analytics’s software interacts with the server operating the portal, said Luis Rojas, vice president of product management at Guardian. The server sends Guardian information on its interactions with customers, ranging from the http header and user agent strings to device information.

“We can see what they’re doing in the portal,” Rojas said. “All that information is shared with us in real time, and there’s a feedback loop on how the risk is escalating or mitigating in the session.”

When a supplier interacts with the portal, triggering the flow of information, “what Sentinel is doing is looking at multiple dimensions of this interaction and assessing how normal it is,” he said.

The software might pick up evidence of malware or an unauthorized location or device. For example, “they’re coming in from Russia when they normally come in from Chicago,” Rojas said. “They’re coming in in the middle of the night or from a device that has foreign characters installed.”

He said scenarios that Guardian sees with B2B portals include account takeovers, where someone uses credentials in a way that they had not previously used them; business email compromise; fake invoices; and attempts to modify wire or ACH templates. Sentinel could also be used with companies' treasury management systems or ERPs, he said.

Guardian Analytics’s use of behavioral analytics and machine learning technology makes for a speedier system and avoids the false positives that can be thrown up by rules-based software, Rojas said.

“We focus on good behavior and learn that for every user,” he said. “We learn with every interaction what they do. We learn automatically without you having to train the system, and then we react. Any time the user deviates from normal, we raise the risk.

“Fraudsters, no matter how good they are, will never fully mimic a legitimate user’s behavior,” Rojas added. “There’s something they will trip up on.”



