Year in review

Cybercriminals are diversifying their tactics. Here are 3 ways to defeat them

December 19, 2023 | By Rebecca Oliver DiGenova

Fraudsters are opportunists by nature, itching for the chance to exploit any vulnerability they can find. With digital interactions now ubiquitous in our daily lives — and at the highest levels of business, government and philanthropy — cybercriminals left no stone unturned in 2023.

Threats now come in every shape and size: phishing schemes that pluck the heartstrings of benevolent individuals, global crime syndicates that feed stock market manipulation, cyberwarfare that threatens humanitarian relief. Increasingly, these criminals leverage the same data and tools that cybersecurity leaders use to protect us.

That’s why AI innovators and business and philanthropic leaders, as well as the highest levels of government intelligence, are coming together to disarm cybercriminals. Matt O’Neill, the U.S. Secret Service deputy special agent in charge of cyber, calls cybercrime-fighting “the ultimate team sport.” Here’s how we can play to win.

01
This AI protects potential fraud victims by flagging suspicious recipients

As new technologies emerge and digital interactions grow exponentially, no single security measure will be able to battle cybercriminals on its own. This requires a multi-layered approach fortified by AI-powered cyber and identity security tools to tackle threats old and new. As more of our everyday interactions shift online, fraudsters have learned to skirt banking security measures with an age-old tactic: impersonation. These criminals sink their virtual claws into victims by posing as trusted parties — even building fake romantic relationships from scratch — to manipulate their targets into transferring money, without breaching cybersecurity protocols.

Scammers have tended to capitalize on weaknesses in fraud detection systems, which typically look at payee data. But Mastercard’s AI-powered tool called Consumer Fraud Risk uses its network view to analyze accounts’ histories and their proximity and relationships with other bank accounts involved with scams or money-laundering activity to stop payments to fraudsters in real time.

In the stickiest situations, when victims have been plied with psychological manipulation, the tool provides objective evidence of scams that’s hard to explain away. One of the banks using the tool in the U.K. has already reported a drop in scam payments by 20% in the four months of use.

02
How the U.S. Secret Service is disarming cybercrime syndicates

Technology can be used as both a shield and a weapon. While AI can help identify and prevent fraud and scams, sophisticated cybercriminals are increasingly using it for phishing scams, corporate blackmail and stock fraud, building a global malware economy in the process.

That’s why the U.S. Secret Service and Mastercard are working together to put cybercrime syndicates in the crosshairs and counteract threats to global financial and payments systems. In October, we sat down with U.S. Deputy Special Agent Matt O’Neill and Mastercard Chief Security Officer Ron Green to talk about the impact of organized cyber attacks and how public-private partnerships are mitigating risk for businesses large and small.

“Bigger organizations are taking it seriously,” Green says, “but the attacks are cascading down to vulnerable small and midsize businesses, which typically do not collaborate actively with the Secret Service or have resources like Mastercard’s intelligence team that can leverage and analyze a wealth of information. That’s why we’re always looking at opportunities to help them protect themselves.”

03
Safeguarding the peacemakers: These volunteers train NGOs to thwart cyberwarfare

Humanitarian organizations are known for bravely putting their lives at risk by helping people in war-torn regions. Unfortunately, they are increasingly endangered by a new kind of threat: cybercrime. And while cybersecurity is a challenge for every industry, NGOs can be especially vulnerable, with precious little budget for IT investment and workers often deployed in regions where physical dangers overshadow cyberthreats.

The CyberPeace Institute is stepping up to equip NGOs with the intelligence, tools and training to defend against data breaches that put their operations at risk. Established in 2019 by a group of corporate and philanthropic donors, including the Mastercard Center for Inclusive Growth, the institute also advises the United Nations on cybersecurity principles and protocols. The CyberPeace Institute is working to help NGOs of all sizes protect themselves from cybercrime — so they can continue to serve the most vulnerable.

Rebecca Oliver DiGenova, contributor