Social engineering remains the main threat to financial cyber security but its share declines
The share of social engineering in the total amount of illegal transactions fell in 2020 to 61.8% (vs 68.6% in 2019). This was facilitated by joint activities of the Bank of Russia, financial institutions, and law enforcement authorities aimed at improving cyber literacy of individuals. These findings are published in the Review of Transactions Not Authorised by Customers for 2020.
However, on the back of a significant increase in the number (+23.1%) and the volume (+28.2%) of transactions with electronic means of payment, the total amount of theft rose (nearly 9.8 billion rubles). The key driver behind the developments in the cyber security of the financial market was the large-scale lockdown and a transfer to the work-from-home mode during the COVID-19 pandemic.
However, the share of unauthorised transactions in the total amount of operations was a little more than 1 kopeck per 1,000 rubles.
The Bank of Russia’s Feed-Antifraud information exchange system played an important role in counteracting fraud in 2020. All banks that are active in Russia are connected to that system. By the end of 2020, the system contained over 43 thousand unique characteristics of unauthorised transactions. Knowing these characteristics helps banks prevent illegal activity.