ArcSight FraudView Call Center 1

Summary:

The ArcSight FraudView is a cybersecurity tool designed to combat social engineering and account takeovers through pattern detection, particularly in call centers where such attacks are prevalent. It has been effective in preventing phishing attacks that lead to unauthorized access and fraudulent activities on customer accounts using auto forms to extract sensitive personal information like address and date of birth. ArcSight FraudView detects patterns of activity online, monitors high-risk watchlist status, and alerts when suspicious behavior is detected across various channels such as real-time online platforms and batch CRM systems. By correlating data from different sources and assessing risk models, the system helps to prevent fraudulent activities before they cause significant financial loss or occur at all.

Details:

The business case for ArcSight FraudView, an enterprise security solution, highlights its effectiveness in combating social engineering and account takeovers through pattern detection. With the increasing demand for cybersecurity measures to protect against cyberfraud, organizations are focusing on reducing vulnerabilities introduced by human interaction in call centers. Social engineering attacks, where fraudsters manipulate unsuspecting employees to carry out fraudulent activities, have become more prevalent. ArcSight FraudView aims to detect patterns of activity on web portals before financial loss occurs and preemptively monitor accounts exhibiting similar behavior for high-risk watchlist status. This proactive approach helps stop future threats and reduces the impact of such attacks by enabling call center operators to identify suspicious activities promptly. A phishing attack has compromised a customer's account, giving an unauthorized user access to their personal banking portal. Despite being authorized only for limited actions like checking balances and viewing statements, the fraudster can exploit auto forms feature to apply for new lines of credit or mortgages using the customer's standard personal information, which is automatically populated from the system's memory. This process can be facilitated through a feature called "auto forms" and reveals sensitive details such as address and date of birth that might not have been directly accessed by the fraudster during initial account access. The article discusses the use of auto forms in online banking systems, which can facilitate unauthorized access to a customer's personal information such as date of birth, address, and current open accounts. This feature helps enhance the user experience but poses risks if accessed by cybercriminals. When linked with other data sources like social networking sites, this information can be leveraged during interactions with company call centers, enabling fraudsters to socially engineer attacks on customer accounts. ArcSight FraudView is a tool used for detecting patterns of fraudulent activities in online banking systems. It leverages harvested web credentials and auto forms to obtain personal data from the account holder, which it then combines with other data sources like social networking sites. This combination allows the fraudster to authenticate with call center representatives and request fund transfers, posing significant risks to customer financial assets. The author highlights that patterns of fraudulent activity are often developed by cybercriminals once they have successfully transferred funds from a compromised account into their own accounts. They continue these activities until detection becomes more difficult or impossible. Detecting such patterns early using tools like ArcSight FraudView can help mitigate the risks associated with unauthorized access and potential financial loss. The text discusses the use of the ArcSight FraudView platform in detecting fraudulent activities across both online banking and call center channels. Transactions from both real-time online platforms and batch CRM systems are collected and passed through a correlation engine to evaluate suspicious patterns. These transactions are then assessed against a learning risk model, with historical pattern analysis applied to event scores. The ArcSight FraudView platform analyzes the data to identify specific fraudulent patterns across multiple accounts, where similar activities have occurred over different channels. The analyst can inspect these identified patterns and filter out those considered non-threatening or previously seen. In this process, the system identifies a group of four accounts that exhibited identical transactions on two distinct channels, indicating a potential pattern. The platform allows analysts to graphically depict detailed activity for specific customer accounts, enabling them to visualize how fraudulent activities have occurred across different channels and time frames. This visual representation helps in identifying commonalities among seemingly disparate events, thereby aiding in the detection of fraudulent patterns and subsequent prevention measures. The article discusses how an analyst can create a new real-time correlation rule using the ArcSight FraudView graphical rule builder, which allows for quick detection and response to suspicious activities. This newly created rule is tested and activated, enabling the system to identify patterns in fraudulent behavior and provide alerts in real time when similar incidents occur. The affected accounts are added to a high-risk list, with future transactions involving these accounts having increased risk scores based on their involvement in risky activities. This heightened awareness helps the organization mitigate coordinated cyberfraud attacks by detecting them before they cause significant harm or prevent them from happening altogether. As a result, the company's lines of business experience an increase in cyberfraud risk awareness across the board. ArcSight FraudView is able to connect other detection technologies and extend their capabilities with unique pattern detection features, utilizing real-time data collection and correlation functionality that has been developed over the past decade by ArcSight. ArcSight FraudView focuses on online fraud protection, ensuring the potential of the internet as a global transaction platform remains bright. Overall, this technology significantly contributes to the prevention of cybercrimes in the financial sector, providing secure transactions for consumers amidst an evolving market and the ever-present threat from cybercriminals. ArcSight is a company that provides security and compliance management solutions to protect businesses and government agencies from cyber threats such as theft, fraud, warfare, and espionage. They offer the market-leading ArcSight SIEM platform which helps organizations identify, assess, and mitigate both internal and external risks associated with critical assets and processes. By proactively safeguarding their assets, complying with corporate and regulatory policies, and controlling the related cyber risks, businesses can enhance security measures to prevent cyber threats effectively. For more information or inquiries, you may visit www.arcsight.com or contact ArcSight at info@arcsight.com or 1-888-415-ARST.