European banking giant uncovers hidden fraud threat with Cleafy’s FxDR

Technology03 Oct 2024

Sponsored by Cleafy

When a corporate banking powerhouse was blindsided by covert attack, Cleafy’s solution unmasked the invisible threat

For global banks, safeguarding operations is an ongoing battle. Yet some threats are so sophisticated they operate invisibly, slipping through even the most advanced security systems and embedding themselves in routine transactions.

A major European bank, renowned for its forward-thinking approach, grasped that fighting fraud isn’t merely about responding when it surfaces. In a world of instant payments, reacting only at the transaction level means facing the fallout. True prevention involves spotting and neutralising threats before they even begin to unfold.

Recently, this bank faced an unseen enemy as its corporate channels were targeted by an intricate fraud scheme of co-ordinated attacks, all designed to orchestrate large-scale fraud. With Cleafy’s advanced fraud detection technology, the bank didn’t just respond to the immediate threat but overhauled its entire security strategy.

The attack underscored how sophisticated fraud can be, and the critical need for real-time detection to uncover and address the full scale of the threat before it leads to significant losses.

Aiming for billions

With operations across numerous countries and millions of customers, a major European banking institution encountered a highly sophisticated wave of attacks on its corporate banking channels, highlighting the growing ingenuity of threat actors.

Corporate banking fraud is notoriously difficult to detect because of the sheer complexity and scale of transactions. Unlike consumer banking, corporate transfers often involve huge sums of money, frequent international payments and multiple layers of approval – creating a perfect environment for fraudsters to blend in. Fraudsters exploit these characteristics by mimicking legitimate transactions, making subtle changes that are hard to spot.

Traditional anti-fraud measures often focus on flagging outliers, but in corporate banking many “outliers” are part of routine operations. Add to this the sophisticated techniques attackers use – such as injecting malicious code mid-transaction – and the challenge becomes even greater. The result? Fraud can go undetected for months!

The aim was simple: exploit real-time vulnerabilities to steal vast amounts of money without raising alarms. Each attack sought to syphon between €1 million and €10 million, with several attacks occurring each day. Despite the bank’s robust security measures, the criminals managed to blend in, triggering no red flags from its conventional anti-fraud systems, as was the case here, until more advanced tools, like Cleafy’s FxDR platform, were employed.

What is FxDR and how does it unmask invisible threats?

Fraud XDR (FxDR) merges fraud management with cyber-security, focusing on tackling cyber-enabled crimes such as account takeover (ATO), automated transfer system (ATS) and authorised push payment (APP) fraud. These attacks exploit phishing, malware and data breaches to exploit digital vulnerabilities. FxDR goes beyond traditional methods by using threat intelligence to detect and counteract these fraud schemes in real time, adapting to emerging tactics. It ensures robust, minimally disruptive protection, particularly in the fast-paced world of digital banking.

The bank had already been using Cleafy’s Fraud Extended Detection and Response (FxDR) platform on its retail channels – where it wasn’t just catching fraudulent transactions but stopping attacks before they even took shape. After seeing its success on the retail side, the bank expanded Cleafy’s reach to its corporate channels, and what it uncovered was staggering.

Behind the scenes, a highly sophisticated fraud operation was quietly at work, executing 20 to 30 attacks per day and targeting substantial sums. The fraudsters cleverly blended into the daily flow of corporate transactions, making their activities nearly impossible to detect with traditional security measures. Despite the bank’s strong defences, the attackers used advanced, subtle techniques that mimicked legitimate transactions, allowing them to evade detection for months. The criminals’ methods underscored the growing complexity of modern fraud, which calls for even more advanced tools to stay ahead of evolving threats.

When Cleafy’s FxDR platform was deployed on the corporate side, the full scale of the operation became clear. Fraudsters had been exploiting vulnerabilities with pinpoint precision, slipping malicious code into the transaction process at critical moments. Fake transactions were crafted to look just like the real thing – no alarms, no warning signs.

Cleafy’s system changed the game. By offering real-time visibility into transaction behaviour, it revealed patterns that had gone undetected, such as mid-transaction IBAN swaps. These attacks weren’t just sneaky – they were methodical, with fraudsters fine-tuning their tactics to avoid detection while attempting to cream off millions each time.

Armed with this new intelligence, the bank’s security team moved quickly to shut down the attacks. Cleafy’s platform didn’t just provide a passive alert. It actively fought back, stopping fraud in its tracks. With the help of “grabbers” – tools designed to capture data directly from users’ browsers – Cleafy’s system identified malware and other malicious elements before they could cause harm. It was adaptive, precise and gave the bank the upper hand.

The result? A near-instant reduction in fraud attempts and an unprecedented level of control over corporate transactions.

The experience underscored an important lesson: even sophisticated institutions can be caught off guard by evolving cyber-enabled threats. In this dramatic showdown between innovation and fraud, this incident highlights the importance of continually evolving security measures and staying ahead of cyber-criminal tactics. Traditional defences alone are not sufficient to combat today’s complex threats. The bank’s success in overcoming this challenge demonstrates the need for an agile and innovative approach to fraud prevention.

Want to learn more about how banks and FIs can defeat invisible threats, stopping attacks before they can result in fraud? Download our whitepaper