Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label kill chain. Show all posts
kill chain
Barclays Cyber Security Fraud kill chain

Barclays Introduces New Step-by-Step Model to Tackle Modern Fraud

 


Banks and shops are facing more advanced types of fraud that mix online tricks with real-world scams. To fight back, experts from Barclays and a security company called Threat Fabric have created a detailed model to understand how these frauds work from start to finish. This system is called a fraud kill chain, and it helps organizations break down and respond to fraud at every stage.


What Is a Kill Chain?

The kill chain idea originally came from the military. It was used to describe each step of an attack so it could be stopped in time. In 2011, cybersecurity experts started using it to map out how hackers attack computer systems. This helped security teams block online threats like viruses, phishing emails, and ransomware.

But fraud doesn’t always follow the same patterns as hacking. It often includes human error, emotional tricks, and real-life actions. That’s why banks like Barclays needed a different version of the kill chain made specifically for financial fraud.


Why Fraud Needs a New Framework

Barclays noticed a new type of scam using tap-to-pay systems—also known as NFC, or near-field communication. This technology lets people pay by simply tapping their cards or phones. Criminals found ways to misuse this by copying the signals and using them without permission.

When Barclays and Threat Fabric studied these scams, they realized that the NFC trick was just one part of a larger process. There were many steps before and after it. But there was no clear way for banks and retailers to explain or share all this information. So, they created a new model to organize it all.


How the Fraud Kill Chain Works

The new fraud kill chain has ten steps. It starts with the fraudsters gathering data about victims and moves through stages like emotional manipulation, fake messages, stealing passwords, getting into accounts, and finally taking and hiding the money. Each of these steps includes different tricks and techniques.

For example, a scam might begin with a fake text message asking the victim to click a link. Once the victim enters their details, criminals can add their card to a device and make payments from far away. This kind of attack is sometimes called a ghost tap.


Retailers Use Their Own Version

Retail companies like Target are also building similar models. They’ve found that even simple scams, like messing with gift cards, involve many people and actions. Without a clear way to describe each part, it's hard for teams to stop them in time.

By using a structured approach to fraud, companies can better understand how scams happen, spot weak points, and stop future attacks. This new model helps everyone speak the same language when it comes to stopping fraud—and protects people from losing their money.

Read more »
Subscribe to: Posts (Atom)