Eliminating social media blind spots: 8 tips fintechs should know
Anthony Perridge, VP International at ThreatQuotient, discusses how all businesses need to fully understand the threats they can face on social media and how to prevent them, and specifically how FinServ’s can protect their institutions online.
More than three bn people around the world use social media each month, with 90 percent of those users accessing their chosen platforms via mobile devices. While, historically, financial services (FinServ) institutions discouraged the use of social media, it has become a channel that can no longer be ignored.
FinServ institutions are widely recognised as leaders in cybersecurity, employing layers of defence and highly skilled security experts to protect their organisations. But as the attack surface expands with the growing use of social media and external digital platforms, many FinServ security teams are blind to a new wave of digital threats outside the firewall.
Social media is a morass of information flooding the Internet with billions of posts per day that comprise text, images, hashtags and different types of syntax. It is as broad as it is deep and requires an equally broad and deep combination of defences to identify and mitigate the risk it presents.
Understanding prevalent social media threats
Analysis of prevalent social media risks shows the breadth and depth of these types of attacks. A deeper understanding of how bad actors are using social media and digital platforms for malicious purposes is extremely valuable as FinServ institutions strive to strengthen their defense-in-depth architectures and mitigate risk to their institutions, brands, employees and customers.
To gain visibility, reduce risk and automate protection, leaders in the financial industry are expanding their threat models to include these threat vectors. They are embracing a data-driven approach that uses automation and machine learning to keep pace with these persistent and continuously evolving threats, automatically finding fraudulent accounts, spear phishing attacks, customer scams, exposed personally identifiable information (PII), account takeovers and more.
They are aggregating this data into a central repository so that their threat intelligence teams can trace attacks back to malicious profiles, posts, comments or pages, as well as pivot between these different social media objects for context. Network security teams can block their users from accessing malicious social objects to help prevent attacks, and incident response teams can compare their organisation’s telemetry of incidents with known indicators of compromise to mitigate damage.
Employee education is also a critical component of standard defences. Raising awareness of these threats through regular training and instituting policies to improve social media security hygiene with respect to company and personal accounts goes a long way to preventing these attacks in the first place.
A Checklist for Financial Institutions
This checklist that encompasses people, process and technology will go a long way toward helping FinServ security teams better protect their institutions, brands, employees and customers.
- IDENTIFY the institution’s social media and digital footprint, including accounts for the company, brands, locations, executives and key individuals.
- OBTAIN “Verified Accounts” for company and brand accounts on social media. This provides assurance to customers that they are interacting with legitimate accounts and prevents impersonators from usurping a “Verified Account.”
- ENABLE two-factor authentication for social media accounts to deter hijacking and include corporate and brand social media accounts in IT password policy requirements.
- MONITOR for spoofed and impersonator accounts and, when malicious, arrange for takedown
- IDENTIFY scams, fraud, money-flipping and more by monitoring for corporate and brand social media pages.
- MONITOR for signs of corporate and executive social media account hijacking. Early warning indicators are important to protecting the organisation’s brand.
- DEPLOY employee training and policies on social media security hygiene.
- INCORPORATE a social media and digital threat feed into a threat intelligence platform as part of an overall defense-in-depth approach. This allows teams to ingest, correlate and take action faster on attacks made against their institution via social media.
- Microsoft insight: digital disruption of fintech through AI
- How Nationwide’s digital transformation strategy is enabling emerging businesses
- Payments 2020: five key trends
- Read the latest edition of FinTech Magazine, here!
FinServ institutions and their customers use many different social networks to communicate and conduct business but are often blind to the risk bad actors present as they increasingly targeting these public, uncontrolled channels to commit financial fraud, damage brands and even pose physical threats.
FinServ security teams need visibility into digital threats outside the firewall and actionable information to reduce risk and automate protection. Those that are most successful have a defense-in-depth architecture that includes intelligence on social and digital threats, context to understand what threats pose the greatest risk, and the ability to build on existing processes and workflows to block more threats and accelerate remediation.
For more information on all topics for FinTech, please take a look at the latest edition of FinTech magazine.
FIVE things fintechs must do to keep investors onboard
New investors flocked to the stock market during the COVID-19 pandemic. Thirty-eight percent of investors said they had never had a brokerage or similar account before opening one in 2020.
Low or no-fee trading options have helped accelerate the trend – nearly half of new investors said they accessed their account primarily through a mobile app. As FinTechs, how do we create the trust needed to keep new investors in the market and create a fruitful customer experience for them?
The financial industry does a disservice to individual investors if we merely offer tools that focus on making money quickly, an approach that usually backfires. Instead, the surge of interest presents an enormous opportunity for those who want to help more consumers use financial technology to educate them on responsible spending, saving, and investing in order to achieve financial wellness current fintech tools have welcomed individual investors in the door.
Now, it’s time to focus on education and improving their experience going forward. There are several ways those of us in fintech can step up to shape the future of retail investing so that it works better for everyone, starting with the following areas.
Equal access to financial wellness education
Financial health should be available to everyone — but today, not everyone has the educational resources to achieve it. One study shows that only 3.9% of students from low-income schools were required to take a personal finance class. What they aren’t learning in school or from family members, fintech companies can provide on their platforms.
The companies should move from solely offering financial services to a more responsible model of education, advice, and prescriptive choices to help consumers develop better habits and make wiser financial decisions. Not only can they empower consumers and bridge historical wealth divides, but they can also stimulate growth by opening up new consumer segments.
Just as we’ve come to expect that our fitness routines are tailored to our individual bodies, we’re also ready for finance tools that go beyond one-size-fits-all solutions. But only six percent of financial institutions say they’re using the kind of technology that allows them to deliver a deeply personalized experience. Fintech tools need to reflect that financial success looks different for each of us.
For one consumer, it may mean providing guidance on how to pay off student loans early; for another, it may mean prescriptive actions that enable them to stick to a budget for the first time; for a third, it could look like prioritizing environmental, social and governance (ESG) investments, so that her portfolio aligns with her political beliefs.
Now, we are seeing financial technology beginning to meet the demands of personalized finance in a substantial and meaningful way.
The rise of AI-Powered Advice
Big-picture advice and predictive guidance used to be a feature of high-end financial advisory firms — a perk only available to those who could afford it. But thanks to rapid advancements in data analytics and artificial intelligence (AI), that kind of holistic advice is now more accessible than ever. AI-driven robo-advisors can parse many different streams of financial information, delivering customized answers to key questions: Is it time to buy a home, or is it smarter to keep renting? Can I afford to take out another student loan?
Intelligent connectivity powered by AI can anticipate consumers’ needs and next steps, making proactive suggestions that guide them along the path to financial wellbeing. Fintech companies can also help consumers identify when their financial picture becomes too complex for a robo-advisor, and help them find a human financial advisor to meet their needs.
Focus on financial mental health
New investors are quickly finding that the market can be overwhelming. That’s not surprising, financial anxiety is common and studies show that financial stress can have an impact on mental health for some.
It’s not enough for fintech companies to give retail investors access; they also must provide the guidance and support that help consumers manage their financial well-being. Educational tools can ensure that consumers are well informed about their options.
Predictive analytics can anticipate consumers’ questions, serving them key information and insights before they ask. Features that emphasize a comprehensive notion of financial well-being, rather than short-term wins and losses, can also help ensure that consumers are keeping their eyes on the bigger picture.
Gamification for good
The surge of gamification apps has done an impressive job making investing as engaging as playing a video game or joining a social media platform.
Much of the current use of gamification emphasizes short-term thinking, but there’s also an opportunity to help consumers think more broadly about their overall financial picture. One example is peer benchmarking, a feature that enables help consumers to see how their financial habits compare to those of friends and fellow consumers.
Gamification can also be used to incentivize making smaller, smarter choices — for example, rewarding saving over making an impulse buy.
The future of fintech is about more than just broadening access to the markets. It’s about making sure more individuals have access to the tools that can help improve their financial well-being—in the ways that suit their own circumstances and needs. The potential to act within their own set of individual priorities, with their long-term financial wellness in mind is much more empowering to a consumer than simply relying on short-term, high-risk investments.