Organizations in the financial services industry are actively being targeted by threat actors who leverage customer information to steal profiles, drain funds, and commit identity fraud. This exploitation isn't limited to big banks or those dealing with credit card theft. It's happening pervasively in corners not previously considered a prime target.
Organizations are being attacked at an increasing frequency and seldom realizing the impact until a substantial amount of funds have been drained from accounts. In this case, it is an increase in exploitation against applications designed to help customers track down lost or forgotten financial assets. While not perceived to be as intense or high stakes as an application supporting daily banking, these applications coming under attack host equally lucrative information as a bank and pose similar risk to the organization. Although there are smaller dollar amounts per transaction, the volume of transactions provides adversaries an opportunity to make out with millions of dollars in stolen funds.
The primary target is webpages that allow for account information or profile information lookup. This is where users could enter personal information to see if there is a record match inside the application. Upon successfully matching datapoints such as first and last name, social security number, insurance number, or date of birth, users are then offered an opportunity to re-claim their financial profile.
For attackers, this kind of profile lookup page is ideal. By leveraging bots, they can easily perform reconnaissance and build a list of targets in a matter of seconds providing the adversary with a targeted and confirmed list of accounts to compromise.
There are many situations where threat actors can target your data. Here are some examples: