Many perpetrated electronic crimes begin with phishing emails. Phishing is used to induce individuals to divulge private information, such as access credentials, or to click on a malicious link or attachment that ultimately downloads malware onto a bank’s computer network.
Often these emails are highly targeted and include advanced web design, making them appear legitimate to even the most skeptical recipients.
A quick Google search can help you better understand the threat landscape and the various forms of phishing.
An effective cybersecurity strategy is critical when it comes to combating electronic crime. There are a number of working groups and other industry associations dedicated to helping bank leadership better understand the issues and plan for an incident. Excellent resources are also available from the FDIC and SEC. If not already, cybersecurity readiness should be a regular board level topic.
There are also day-to-day tactical steps banks can take to help mitigate exposure:
- Stay informed and educate your employees through training and testing
- Confirm suspicious emails by calling the sender before opening documents
- Do not click on links, type the address in your web browser instead
- Slow down–phishing emails often have a sense of urgency to act immediately
- Always have the most up-to-date network security protocols in place
While it is impossible to prevent all electronic crime, your bank can build an effective defense and reduce the risk of falling victim by following best practices and implementing these throughout your organization.