Legacy fraud prevention controls have limited or no ability to detect remote access attacks. When a RAT is present on a user’s device, the bank’s systems detect a genuine device fingerprint, with no traces of proxy, code injections, or malware, and with the proper IP and geo-location. When used in a social engineering scam, the same is true as it’s the legitimate user being guided by a fraudster to conduct a transaction.
Behavioral biometrics intelligence identifies patterns that indicate whether a session is being initiated by a human or remote access. Behaviors such as mouse movements, keyboard interaction, device movements, and swipe patterns are used to detect active remote access in a session. For example, mouse movements from a human will appear with curves, shakes and imprecise movements. Mouse interaction when a RAT is enabled will appear as near-perfect straight lines due to latency caused by the remote connection and show a high concentration of movement on a specific area of a page.
The hidden facts of remote access attacks
Percentage of victims of remote access attacks that are over 60
Percentage of victims who show signs of remote access four weeks or more before an actual fraud attempt
Average number of minutes it takes to submit a payment in a banking session with remote access
Winning the RAT Race: How Banks Can Get Ahead of Remote Access Attacks and Account Takeover
While the use of Remote Access Tools (RATs) in the perpetration of financial crime is not a new threat, they continue to pose significant challenges to Fraud Fighters. Access the white paper to learn about the common and emerging fraud methods that leverage RATs, where legacy fraud controls are falling short, and how Behavioral Biometrics intelligence can provide the additional visibility banks need to prevent these attacks.
Phishing site detection