content
Share the article
Subscribe for updates
Sardine needs the contact information you provide to us to contact you about our products and services.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

How Hackers Are Targeting B2B Payments with Remote Access Tools

Simon Taylor
Head of Strategy and Content
#
 min read
May 21, 2024

B2B Payments lack oversight and real-time transaction monitoring.

High-value payments created by companies are often considered low risk, but a new wave of phishing attacks targeting finance teams is changing that. Phishing emails resembling banking online portals trick users into installing remote screen-sharing software.

The catch? 

It is entirely plausible screen sharing might be required inside a corporation, as tech support teams often use it to help when there’s an issue. This makes the attack incredibly efficient and lucrative. 

The solution is to embrace the scam detection techniques commonly used in consumer channels and actively look for signs of remote screening software. This can enable banks and corporations to block a transaction before the money is stolen.

B2B Payments are massive.

B2B Payments and wire transfers were once the boring backwaters of the payments industry. Corporate finance teams would log in to online portals to wire large amounts of money to suppliers or subsidiaries as part of normal operations.

Millions in B2B Transactions Flow Every Day...

This vast sum makes corporate bank accounts a tempting target for cybercriminals. And unfortunately, many businesses haven't adapted their security measures to face this evolving threat.

Remote Access: A Double-Edged Sword

Remote screen-sharing tools like AnyDesk are invaluable for legitimate business purposes, from IT support to design collaboration. However, hackers exploit these tools' trust to gain unauthorized access to corporate devices and initiate fraudulent payments.

How the attack works

Hackers send personalized phishing emails, often mimicking legitimate financial institutions, urging the recipient to download a "live chat app" to resolve an urgent issue. This "app" is actually remote access software, granting the hacker complete control of the victim's device once they share the access code.

What makes this attack so concerning is its effectiveness. The familiarity of remote access tools lowers suspicion, and traditional fraud prevention systems often lack the sophistication to detect their misuse. 

Access codes provide complete control without needing traditional credentials, making them a powerful tool in the wrong hands. If a finance team is logged into the online portal, the attacker now has complete control over the corporate finance account.

Lessons from consumer scam detection

  1. We learned in consumer banking that detecting device usage and user behavior is the most valuable signal for detecting scams. So, even if a payment is made via a banking channel with legitimate credentials we can spot signs of a scam. 
  2. Detecting remote access is now mission-critical. There are very few reasons a corporation would wire a significant amount of money via a remote access tool.

Detecting remote access:

Sardine is the only platform that can detect all screen sharing apps and software, including Anydesk, Teamviewer, Citrix, and Zoom or Teams screen shares. 

We use proprietary signals and machine learning to deliver 92% precision and a 96% detection rate.

Today this is used by clients to help stop

  • Fake tech support scams
  • Fake investment advisor scams
  • Customer support scams

We look for clues like guided mouse movement, calls in session, and recent screenshot behavior from linked devices.

Combined with a wider platform that comes pre-loaded with over 4,000 machine-learned features and 1,000+ ready-baked rules, we help teams go from 0 to 1 on remote access detection (and a lot more).

The Future of B2B Fraud Prevention:

By combining these behavioral insights with transaction monitoring, businesses can gain a powerful advantage in the fight against B2B payment fraud. This layered approach can stop large, unauthorized transfers in their tracks, protecting companies from significant financial losses.

So, the next time you see a remote access tool, don't panic. But do remember: the bad guys are getting smarter, and the battle lines of fraud prevention are shifting. It's time to adapt your defenses and embrace the future of behavior-based security.

content
Heading 2
Share the article
Tagged topics
No items found.
About the author
Simon Taylor
Head of Strategy and Content

Keep reading

Simon Taylor
Simon Taylor
July 25, 2024

Interview with Karisse Hendrick, Fraudology

Karisse is the person the biggest e-commerce companies call when they’re in over their heads. With over 15 years of experience and having saved her clients over $150 million in reduced fraud and chargebacks, she knows a thing or two about staying one step ahead of the fraudsters. We spoke to Karisse Hendrick, consultant, fraud expert, and the host of the Fraudology podcast when she joined us on Risky Business.
Fraud
Eduardo Lopez
Eduardo Lopez
July 24, 2024

The Anatomy of Ecommerce Fraud

Deep dive into fraud typologies in the e-commerce and online retail space. Includes warning signs, solutions, and tips for solving chargebacks, account takeovers, bot attacks, refund fraud, fake accounts, and more.
Fraud
Product
Eduardo Lopez
Eduardo Lopez
July 15, 2024

Sardine Product Updates - Q2 2024

Real-time bank account validation, dispute management, international address verification, business screening, merchant risk scoring, and AML scenario templates.
Product