SWIFT Fraud is Rising According to New Report

A new report released today by EastNets reveals that SWIFT related fraud attempts are on the rise and not declining.

According to the report, SWIFT payment fraud is on the rise, and there is strong evidence that banks are not adequately preparing themselves to combat the threat.

In addition to various high-profile incidents of bank theft using the SWIFT messaging network, an EastNets’ survey conducted in July found that cybercriminals have targeted more than four-in-five banks since 2016.

And banks indicate that the problem has been getting worse.

The report can be downloaded here – SWIFT Fraud Report. The survey included over 200 banks from all parts of the world and aimed to identify the risk of fraud on the SWIFT platform.

SWIFT Fraud Has Been Rising Since 2016

The rising fraud is not new. The SWIFT network faced scrutiny after several very high profile breaches.

Bank of Bangladesh Swift Fraud Attack

The massive $1 Billion fraud attempt against Bank of Bangladesh where hackers made off with 81 million dollars in a few hours revealed the weaknesses in the network.  Fraudsters were able to infiltrate the network and send out hundreds of fraudulent request for payment transfers. 

Punjab National Bank Swift Insider Fraud Case

And just last year, junior bankers at Punjab National Bank in India facilitated a massive $1.8 Billion SWIFT Fraud which involved a prominent jeweler – Nirav Modi who was recently arrested.

24 Million Transactions Occur Daily on SWIFT Which Means Impact of Fraud is Significant

Given that over 11,000 banks globally use the SWIFT platform to send and receive messages such as wiring instructions safely this could spell bad news for fraud. Each day, approximately 24 million SWIFT transactions are processed so the scale is enormous.

The 12 Key Findings Of the Report

There were 12 key findings that were revealed in the SWIFT survey of 200 banks.

#1 – 80% of Banks Have Been Targeted

Since 2016, 4 out of 5 banks indicate that they have been targeted by cybercriminals attempting to use the SWIFT messaging platform.

#2 – 84% of Attempts Were Cyber Related

The report found that the vast majority of targets were committed by hackers and that the hacking was done through computer hacking.

#3 – 67% of Banks Say SWIFT Fraud Attempts are Increasing

Of the banks that have been targeted most believe that SWIFT fraud is increasing over time. They also indicated that while it is increasing, their is evidence that banks are not taking the threat seriously enough.

#4 – Smaller Banks Are Targeted More Often

Smaller institutions between $1 billion to $10 billion in assets are targeted more often with close to 90% of smaller banks indicating that SWIFT fraud is rising.

#5 – Banks Are Having Trouble Organizing Within to Solve It

The study revealed that most banks reported they have trouble organizing internally and collaborating with other departments to improve fraud response. Only 20% of banks reported strong collaboration in this area.

#6 – Business Email Compromise is a Significant Concern for Most Banks

The biggest risk to the system according to many banks was the risk of Business Email Compromise and educating customers on how to identify it and take it seriously as a real threat.

#7 – 1 in 7 SWIFT fraud attempts involve insiders

Shockingly, the threat of internal compromise has been found in 1 in 7 SWIFT fraud attempts. Fraudsters are actively collaborating with insiders to undermine the SWIFT platform.

Insiders represent significant risks.

#8 – Current Solutions Fall Short

While banks feel that SWIFT fraud is rising, they also believe the current SWIFT software adequately protects them. This seems to indicate a contrary message. If SWIFT fraud is rising how are the current solutions adequate?

#9 – 20% of Banks Lack Basic Policies

About one in five banks lacks basic policies and practices for combatting SWIFT cyber fraud such as enforcing the least-privilege principle, restricting access to the SWIFT interface, implementing user-behavior analytics, and preparing disaster recovery of the SWIFT messaging interface.

#10 – Banks Need A Comprehensive Program

The survey revealed that banks need a comprehensive program that includes policies, effective IT systems, autonomous fraud prevention and artificial intelligence and machine learning to effectively address the risk.

#11 – Leaders More Likey to Use Advanced Behavioral Analysis

In analyzing banks that were effective, Eastnet discovered that banks all shared common characteristics. They all leveraged behavioral analytics conducted attack simulations and had procedures in place once an attack took place.

#12 – Changes in the SWIFT Platform Will Only Make it Easier for Fraudsters

Changes in the SWIFT platform and new fraud trends will only make it easier for fraudsters to target banks more in the future. The problem will only get worse, before it gets better.

Frank McKenna is the Chief Fraud Strategist for PointPredictive and a Fraud Consultant based in San Diego California