Harnessing the Power of AI for Better Antivirus Protection
Endpoint Detection and Response (EDR) is a next generation cyber security solution that provides more advanced and comprehensive protection for your devices compared with traditional, static antivirus applications that only address simple signature-based malware threats. While traditional antivirus programs detect and remove known malware, EDR is designed to detect and respond to more complex and sophisticated threats that often bypass or get through traditional antivirus protection. A good EDR solution can identify existing threats already hiding on a network, which is important as current threats are often undetected for several months. Since most malware intrusions originate at the end-user, it is critically important to have the very best antivirus protection on individual computers and laptops.
Here are some reasons to consider EDR as a preferred antivirus solution:
Smarter Detection: Traditional antivirus programs rely on pre-defined signatures to identify known threats. However, EDR takes a different approach. It uses behavioral analytics to detect suspicious activity in real-time, even if there are no known signatures. By monitoring file changes, registry modifications, and network traffic, EDR can detect and respond to the latest, advanced threats faster than traditional antivirus programs.
Complete Visibility: EDR provides security teams with a centralized management console to monitor and investigate activity across all devices in an organization. This makes it easier to deploy and manage security policies. Some vendors offer a fully managed model for businesses who cannot or do not want to deal with the administration or management of the EDR tool. With EDR, you don’t need to worry about manually updating antivirus software on individual devices. The central console ensures that the latest EDR protection is deployed, saving time and effort. In case of a security breach, EDR allows for a coordinated and rapid response to investigate and minimize the damage.
Real-time monitoring and continuous threat-hunting: EDR keeps a constant watch over servers, laptops, and mobile devices in real-time. It allows security teams to proactively identify and address threats before they can breach the system. By analyzing suspicious behavior, EDR can act before a breach occurs, reducing the risk of data loss or compromise.
Monitoring of servers, laptops, and mobile devices by EDR is critical to allow fast and effective solutions to threats before they breach, and in the event of a breach, to contain and solution the threat before there is contagion throughout the network. EDR has a proactive threat hunting feature that allows security teams to identify threats before they become an incident. Suspicious behavior is analyzed and reacted to before a breach occurs.
Forensic Capabilities: In the event of a security breach, EDR provides forensic capabilities that assist security teams to investigate and understand system events and scope of the attack. Detailed logs are available showing system events and user behavior. The logs may be used to identify the source of the attack, measure the extent of damage or intrusion, then develop a plan to prevent a future, similar attack. This is very useful to provide evidence of rapid response and the scope, extent, and timing of an event that is required with many state breach notification requirements.
Integration with other security solutions: EDR seamlessly integrates with other security solutions, enabling automated incident response workflows, event logging, and monitoring across multiple platforms. This integration enhances the overall effectiveness of your cybersecurity infrastructure.
With the rapid evolution of advanced threats and sophisticated malware, relying solely on traditional antivirus programs isn’t enough. Having a robust EDR solution provides the best available antivirus resource, deploying a tool that uses artificial intelligence to reiterate and continually evolve an endpoint defense. The combination of advanced detection, rapid response, real-time central monitoring, and enhanced forensic features provides a powerful tool to protect and secure your organization’s critical and sensitive data. Antivirus protection is a vital cyber-security shield on the frontline of defense, and it is imperative that defense is effective, today more than ever.
Interested in learning more about EDR? Notable companies that offer EDR solutions include SentinelOne, CrowdStrike, and Cisco. If you have questions about EDR and other tools and strategies to protect your networks and your business, feel free to contact me: firstname.lastname@example.org
The Federal Bureau of Investigation (FBI) has labeled business email compromise (BEC)/email account compromise (EAC) as “one of the most financially damaging online crimes” as it is “the top cyber threat.” BEC/EAC is a scam in which fraudsters trick an unsuspecting party, typically by using a variety of social engineering and phishing tactics, into making payments to fraudulent accounts.
Since 2016, over $43 billion has been lost through BEC/EAC attacks. In 2021, U.S. losses attributed to BEC/EAC cybercrimes were reported to be almost $2.4 Billion. This is more than one-third of the total cost of all cybercrimes reported to the IC3 in 2021. In a recent article from Security Magazine, the author noted that email cyberattacks have increased by 48% in just the first half of 2022. It is no surprise that the title insurance industry has been the target of fraud schemes for many years, especially with wire transfers being utilized more often.
Some common schemes we continue to see include:
- Seller Spoof – fraudsters impersonate the seller (using an email address that may only be slightly different from the original, or using the actual seller’s email), and provide alternate bank account information for the seller proceeds.
- Lender Spoof – in a transaction involving the payoff of a prior lender, fraudsters impersonate the prior lender. They often modify the original payoff provided by the prior lender (or create one) with wiring instructions for a fraudulent account.
- Buyer Beware – fraudsters pose as the settlement or real estate agent using a similar email address, and instruct the buyer to wire their down payment funds to a fraudulent bank account.
There are many ways to protect a person or a business from becoming a victim of these costly schemes. A few tips include:
- Meticulously examine the email address, URL, and spelling used in any correspondence. Fraudsters use only slight differences hoping you do not critically analyze the spelling.
- Be suspicious about opening any email attachments from someone you don’t know and be wary of email attachments forwarded to you as they may include malware or other malicious software.
- View all changes to wire instruction with extreme caution.
- Always independently verify with the company any payments or wires being sent to a third-party by contacting them at a legitimate number, and be leery of any last-minute changes to account numbers or payment procedures.
- Confirm with the intended recipient that the wire was received.
- Be extremely suspicious if the requestor is pressuring you to act quickly.
If you do become a victim, do not wait to take the next steps since time is critical in this process. Have a plan in place and be prepared to:
- Notify your office management.
- Notify your financial institution and the recipient’s financial institution.
- Contact local law enforcement.
- Contact your local FBI field office.
- Contact your cyber-insurance, escrow security bond, and error and omissions provider.
- File a complaint with Internet Crime Complaint Center (IC3).
- Contact your title underwriter.
With our increased dependency on technology and the pace of our industry, we cannot let down our guard – we must stay vigilant! Heed the warning that fraudsters are not slowing down or giving up on these fraudulent schemes. If you are presented with any of these situations, the key is to be able to recognize the scam and then shut it down before it can infiltrate your transaction and create a web of issues.
You can learn more about identifying and preventing fraud by downloading Alliant National’s white paper – Escrow Fraud/Social Engineering: Recent Schemes and Prevention Tips.
Escrow Fraud/Social Engineering: Recent Schemes and Prevention Tips, Alliant National Title Insurance Company
Email cyberattacks increased 48% in first half of 2022, Security Magazine: https://www.securitymagazine.com/articles/98145-email-cyberattacks-increased-48-in-first-half-of-2022
FBI – Business Email Compromise: https://www.fbi.gov/how-we-can-help-you/safety-resources/scams-and-safety/common-scams-and-crimes/business-email-compromise
FBI – Internet Crime Complaint Center (IC3): https://www.ic3.gov/
What does it mean to get hacked? And how might we mitigate cybercrime?
Hacking is unfortunately far from uncommon. By some counts, more than 2,200 cyberattacks occur per day, which means that one cyberattack occurs every 39 seconds.[i] These hacks carry a tremendous financial cost, with some estimates putting them as high as $6 trillion per year or $500 billion per month, $115.4 billion per week, $16.4 billion per day, $684.9 million per hour, $11.4 million per minute and $190,000 every, single, second.[ii]
The figures are mind-boggling and scary, which is why it is more important than ever to understand what can occur when a business network is hacked. Without grasping the basics, it becomes more difficult to assess your risk and start proactively protecting your company.
What is the origin of the term “hacking”?
The use of the term “hacking” in a computer science context began all the way back in the 1950s at MIT. In those days, hacking simply meant dealing “with a technical problem in a creative way.”[iii] It wasn’t until the late 1970s that hacking started to refer to illicit activity, a definition it retains to this day.
These days, hacking primarily revolves around the compromising of digital devices and networks. While there is “ethical hacking,” which focuses on improving security systems and keeping data safe, most is “black hat,” which means that it is often motivated by money, such as:
- Wanting to sell private network information on the black market.
- Obtaining access to sensitive information and then attempting to coerce victims into paying money.
- Desiring to obtain confidential data and use it for financial benefit.
- Holding data hostage until a payment is made.
How do hacks occur?
Typically, business networks are targeted through the multiple endpoints that are vulnerable to criminal activity. Just think about it. Every day, employees access business networks with numerous devices that may or may not be secure. But that’s not all businesses need to be concerned about. Similarly vulnerable areas include:
- Any cloud-related services
- Unsecured WiFi
- Malicious websites
- Email accounts
Hacks come in every shape and style
There is no “one way” that hacking occurs, which makes it important to cover the different variations of hacking to gain a more complete understanding of the threat landscape. Here are seven distressingly common strategies that cybercriminals routinely employ:
- Phishing: By far, phishing is one of the most popular forms of hacking today – in part because it is so effective. To better understand the prevalence of phishing, look no further than to recent data that shows 1 in 99 emails is a phishing email.[iv] There are several different types of phishing emails, such as:
- Malware delivery emails, where malware is unleashed if the email recipient clicks on a malicious link.
- There are also credential harvesting emails, where the sender will impersonate someone the recipient knows to get them to hand over sensitive information.
- Denial of Service (DoS): DoScyberattacks occur when cybercriminals make an online property or service unavailable by inundating it with requests. This attack will frequently result in your website crashing or becoming unusable.
- Spyware: Spyware involves malicious code being embedded to monitor email correspondence or worse. Keying (key-logging) to obtain passwords is just one example.
- Malware: You’ve likely heard of malware before – and for good reason. Referring to any computer virus, worm, trojan horse, spyware, ransomware, adware or other malicious software, malware has been sneaking into user devices and business networks since the beginning of the computer age.
- Brute Force Password Decoding: In this type of hack, finesse or secrecy go out the window. The cybercriminal simply attempts to force his or her way inside your devices or network through automated tools that seek to decode your network passwords.
- DNS Attacks: With Domain Name Server (DNS) attacks, cybercriminals utilize an elaborate strategy where they take domain names and transform them into IP addresses, which often results in the domain name server redirecting web traffic to fake websites controlled by the criminal.
- Social Engineering: Social engineering cyberattacks are exceptionally difficult to guard against because they focus on manipulating human attributes like empathy, fear and urgency to gain access to personal information or a corporate network. Phishing is one example of such an attack, but there are many others that fall into this bucket.
Are we powerless against hacking?
With such a wide range of illicit cyber activity, it can feel almost impossible to keep up. However, there are numerous things business owners and employees can do to protect themselves and reduce the possibility of harm or financial loss. From following password best practices, to keeping your systems updated, to deploying new techniques like security awareness training (SAT), even the smallest firm can dramatically increase its security posture. The situation is not hopeless. In fact, by following expert advice and remaining vigilant, we all have the power to reduce our risk profile and stay safe online in both our personal and professional lives.
Keep learning! Read more about 2022 cybersecurity trends, the rise of ransomware and how to streamline your password use.
We also encourage agents to continue to explore and implement best practices to combat cyber fraud. Download Alliant National’s white paper – Escrow Fraud/Social Engineering: Recent Schemes and Prevention Tips to begin your own internal assessment.
[i] Clare Stouffer, Norton, “115 cybersecurity statistics and trends you need to know in 2021,” 9 Aug. 2021, 115 cybersecurity statistics and trends you need to know in 2021 | Norton
[iii] ECPI University, “What is Hacking and Cracking in Cybersecurity?”, What is Hacking and Cracking in Cybersecurity? (ecpi.edu)
[iv] Michael Guta, SmallBiz Trends, “1 in 99 Emails is a Phishing Attack, What Can Your Business Do?,” 4 May 2021, Phishing Statistics: What an Attack Costs Your Business [INFOGRAPHIC] – Small Business Trends (smallbiztrends.com)
The cost of fraud to title and settlement services companies far exceeds the actual face value of a fraud incident, according to the 2022 LexisNexis True Cost of Fraud Study released recently.
The 57-page report provides information on current fraud trends in the mortgage, title and settlement industries and details some of struggles companies face in addressing fraud detection, prevention and customer experience.
In terms of the cost of fraud, research indicates that for every $1 lost in an actual fraud incident, the cost to a title company is $4.19 or four times that of the face amount of the loss. The number rises to $5.34 for originators.
According to the research, the additional cost is related to the labor required for fraud detection, plus the expense of investigation, reporting and recovery following an incident.
For title companies, the biggest cost is labor, with the actual breakout of related costs as follows:
- 35% attributed to labor costs
- 21% for detection, investigation and recovery
- 18% related to fines and legal fees
- 13% covering fees during application and processing
- 13% accounting for the face amount of the actual fraud
The actual cost is extraordinary, given that title companies reported a staggering 77% increase in fraud over the past three years. The growth in fraud is attributed in part to COVID, as a substantial portion of both mortgage and settlement services transactions moved to online and mobile-only transactions.
According to the LexisNexis report, although fraud originates largely in online and mobile-only transactions, it often the moves to the call center or phone-based point of interaction, which further adds to the risk, with the growth of remote workers handling these transactions.
For title companies working in the online and mobile transaction world, identity verification is the number one challenge.
“The challenge involves assessing digital identity attributes such as email and phone number,” the report states. “That is contributing to challenges with identifying malicious bots and the ability to determine the source of the transaction. Synthetic identities are a key driver of identity verification challenges, particularly among organizations that do not use fraud solutions that assess digital identities and behaviors.”
LexisNexis noted that the mobile channel especially is contributing to the high volumes in recent years.
“This channel brings device-related risks that are unique from online browser transactions (SIM card swapping, malware, SMS phishing). This allows fraudsters to gain entry through anonymous remote transactions at the very start of the mortgage process.”
Title companies walk a bit of a tightrope, determined to invest in strong fraud prevention, while striving to create a positive customer experience. Customers reportedly get frustrated with the passwords, qualifying questions and multiple identifiers it takes to get through the transaction and have been known to give up and drop out of online and mobile device-related processes out of frustration.
Balancing these two necessities of doing business has been challenging, but title companies that put forth the effort can dramatically reduce their exposure to fraud.
To help our agents assess their efforts, Alliant National released a white paper this year, titled Escrow Fraud/Social Engineering: Recent Schemes and Prevention Tips. The white paper provides agents with useful information, risk factors to consider, and practical action steps that will help you partner with consumers, real estate agents and lenders to defend against the fraudsters.
In addition, the LexisNexis report identifies four recommendations agents should consider, including remaining vigilant to increased fraud, increasing the use of technology, creating multi-layered solutions, and integrating cybersecurity and digital customer experience with your fraud processes.
Here are a few highlights from their list of recommendations:
- Accelerated movement to online/mobile transactions will continue to grow; therefore, title/settlement companies should continue to buildout and enhance the digital customer experience while protecting against fraud.
- Best practice fraud detection and prevention includes a multi-layered solutions approach, and the integration of fraud prevention with cybersecurity operations and the digital customer experience.
- Layering in supportive capabilities such as Social Media intelligence and AI/ML further strengthens fraud prevention.
While fraud prevention in the current environment is challenging, the report concludes that “firms which use a multi-layered solutions approach that is integrated with cybersecurity and digital customer experience operations can lower their cost and volume of successful fraud while improving identity verification and fraud detection effectiveness.”
We encourage agents to continue to explore and implement best practices as we all work together to combat fraud. Download our white paper – Escrow Fraud/Social Engineering: Recent Schemes and Prevention Tips – today to begin your own internal assessment.
To view the full LexisNexis study, click here.
Cyber fraud, social engineering and wire fraud attempts are on the rise again. We’re sharing in-depth information to help you protect your business.
First published in 2017 and fully updated by Alliant National’s Compliance, Risk and Education teams, the paper provides information, tips and suggestions to help you better understand the current threat environment and create a comprehensive plan that addresses the realities we face in our industry.
Time to assess cyberattack risk in light of Ukraine invasion
The paper’s release comes at a critical time as U.S. businesses brace for potential cyber warfare corresponding with recent violence in Europe. The Department of Homeland Security (DHS) issued a bulletin in January warning of the increased risk of cyberattacks in the U.S. as Russia was poised to invade Ukraine.
“We assess that Russia would consider initiating a cyberattack against the Homeland if it perceived a U.S. or NATO response to a possible Russian invasion of Ukraine threatened its long-term national security,” the agency said in the bulletin released to law enforcement partners and obtained by The Hill.
In response, the American Land Title Association warned in a recent blog that the risk of spillover cyberattacks against non-primary targets could become much more widespread.
2022: Growth of BEC/EAC
Against this backdrop of international tension, Alliant National agents continue to report an increase in attempted wire fraud schemes. These attacks are part of a growing fraud threat targeting businesses of all sizes and the general public.
The FBI refers to this threat as Business Email Compromise/Email Account Compromise (BEC/EAC). BEC/EAC fraudsters focus on organizations that perform wire transfers, making real estate especially vulnerable.
According to the FBI Internet Crime Complaint Center’s (IC3) most recent report, the center received a record number of complaints from the American public in 2020: 791,790, with reported losses exceeding $4.1 billion. This represents a 69% increase in total complaints from 2019. Business Email Compromise (BEC) schemes continued to be the costliest: 19,369 complaints with an adjusted loss of approximately $1.8 billion. Phishing scams were also prominent: 241,342 complaints, with adjusted losses of over $54 million.
Protect Your Agency
Given the increased incidence of BEC/EAC scams and ransomware attacks over the past several years, it is imperative that prevention be addressed at every level. State and federal entities, as well as most of the top tech companies are creating alliances and workgroups to stem the tide.
Title insurance companies and agents also have a role to play. Given the current nationwide threat, we encourage all agents and their staff to remain on high alert for attempted fraud, particularly when it comes to seller proceeds. We also urge agencies to remain vigilant regarding possible attempts to obtain consumer or employee PII.
Here are some immediate steps to consider:
- Identify the risks your agency faces and make sure your systems are protected
- Maintain strict policies and procedures for verification of wire instructions
- Educate your staff and consumers about what to do when they suspect fraud
- Establish protocols to quickly detect fraud and recover diverted funds
- Obtain appropriate insurance, including Cyber Liability coverage
Cyber Security is Mission Critical
There is nothing more important than protecting our clients’ funds and personal information. It is mission critical for a title company to make security its highest priority in 2022. You can begin today to assess your systems and educate your staff to make sure every possible precaution has been put into place. We hope our Escrow Fraud/Social Engineering White Paper will be helpful in this work.
In addition to the release of the White Paper, Alliant National will provide updated materials throughout the year to help agents understand and respond to the threat environment we face. Of course, we’re always ready to discuss the threats we are seeing, and steps you might consider for your business. Feel free to reach out to your agency representative, or any member of the Alliant National team.