The AFS means more for security department than what Google Analytics means for marketing!
One bank was dealing with the problem of repeated multiple attacks against their clients with the help of financial malware. The attacks started with phishing and led to an irreversible financial resources' leak from the customers' bank accounts. The bank tried to find a solution to minimize the impacts of these attacks and related losses.
Throughout several weeks, we implemented the AFS solution that detected the currently infected clients' stations immediately after its deployment. The bank eliminated other losses, and, by cooperating with AEC, also started an active fight against cybercriminals and their infrastructure.
The AFS tool contributed to uncovering a network of white horses, and also identified further possible fraud attempts on corporate customers' accounts.
The solution's description
The internet transaction environment is being threatened more and more often by various attacks. Most of them are executed by special financial malware, or this malware is used in at least at one of the multiple phases of the attack.
The traditional approach to solving these problems with malware lies in reliance on the quality of antivirus products installed on the clients’ stations. An early warning of the malware infection is no longer sufficient. Another approach used by some entities relies on reactive solving of the malware cases when the local investigation, samples extraction, and manual analysis are carried out based on the client’s report. But this approach also seems to be insufficient in the online transactions' environment, because the transactions are being processed increasingly faster and they are getting out of the bank's reach. Subsequently, a more or less effective attempt of blocking the Command and Control centre of the given malware is done. This process is very long. The attackers usually reach the desired profit within several hours or days, and then they shut down the campaign.
AEC came up with an alternative to this approach in the form of the AFS tool that serves to detect malware, phishing, and other attacks on internet banking.
What is the AFS?
The AFS (Advanced Fraud Detection System) is a complex solution ensuring the protection of web internet banking applications and their users against cybercrime, fraud detection in the online environment, and the logging of users' activities.
The AFS detects the activity of financial malware, account takeover attempts, phishing, fraudulent operations, unauthorized accesses to functions, unsecured users' configurations and networks, attempts of web applications' attacks, attempts of automatization, etc.
The advantages of the AFS:
- It even detects Zero-Day financial malware attacks.
- It detects Phishing and Social Engineering attacks that are impossible to detect by any other means.
- Users' profiling and automatic detection of anomalies.
- It can record the users’s session – it improves the taking of evidence and detective investigation of incidents.
- Detection with the help of artificial intelligence based on rules.
- Hosting within the company.
- Transparent and plentiful interface in relation to information.
- Client-less – non-invasive security component.
The banking sector is the most important sphere of operation for us. Throughout our company's existence, we successfully completed hundreds of security projects in this field. We will be happy to share our longterm experience with you upon request.
CSE is the exclusive licence holder for the Czech and Slovak Republic.