The Trustmi Report on Fraud Risks
A recent study conducted by Trustmi, a recognized leader in cybersecurity for countering social engineering fraud, found that a staggering 83.6% of enterprises have encountered at least one fraud attempt in the past year. The findings, released in the Trustmi 2025 Socially Engineered Fraud Risk Report, highlight critical improvements needed in coordination between finance and security teams to better thwart fraudulent activities.
The Impact of Poor Coordination
According to the survey, more than 34.4% of participants acknowledged that gaps between finance and security contributed directly to a fraud incident or a 'close call.' This underscores a significant vulnerability that many organizations face today. The research drew responses from 525 finance and cybersecurity leaders working in companies that reported over $1 billion in annual revenue. The financial repercussions of these incidents have proven to be severe for many, with nearly half (47.6%) of surveyed entities reporting losses exceeding $500,000 in a single occurrence. Alarmingly, 25% of these companies saw losses surpass $1 million from just one attack.
The Evolution of Fraud Tactics
The nature of fraud attempts has evolved, becoming more sophisticated during the last couple of years. Recent trends show that attacks now often involve multi-step and adaptive strategies, making it imperative for organizations to bridge their existing silos. With one in six enterprises facing fraud attempts weekly, the urgency for improved coordination is more pressing than ever.
Shai Gabay, the CEO and Co-Founder of Trustmi, stated, "GenAI has weaponized fraud into a coordinated business attack. Our defenses must grow just as the strategies of these fraudsters evolve." Without a unified approach to visibility and coordination, organizations remain vulnerable to threats.
A Closer Look at Fraud Frequency and Costs
The report further illustrates that social engineering attacks are a growing phenomenon: no longer limited to isolated incidents, they are becoming routine occurrences. Nearly 25% of organizations experience multiple fraud attempts each year, with 15.7% reporting weekly attacks. Here's a breakdown of the losses reported:
- 26.75% of companies lost over $1 million in a single incident.
- 29.19% experienced losses between $500K–$1M.
- 22% encountered losses in the range of $100K–$500K.
Bridging the Gap: Collaboration Between Teams
Interestingly, the report points not solely to technology as a source of vulnerability, but rather emphasizes the need for better team alignment. Ownership for fraud prevention remains fragmented across organizations, which leaves them susceptible to attacks that one single department cannot manage effectively. Findings include:
- Only 27% indicated that fraud prevention ownership is shared between finance and security teams.
- A notable portion split responsibility, with leaders from both teams divided on ownership.
- Over 34.5% of respondents acknowledged misalignment between the two groups.
Fragile Infrastructure: Traditional Controls Failing
As fraudsters adopt AI-enhanced methods, traditional security measures are beginning to falter. Shockingly, in 88% of significant incidents, at least one critical control failed. The report found an increase in incidents that spanned across different platforms and teams, further complicating efforts to address vulnerabilities. Controls most frequently failing include:
- Email and messaging security: 44.6% failure rate
- Employee security awareness training: 32.2% failure rate
- Third-party vendor compromises: 31.6% failure rate
- Threat detection/escalation processes: 27.85% failure rate
- Bank account validation tools: 26.5% failure rate
The Human Element: A Key Factor
In addition to system failures, the report sheds light on the human mistakes that can combine to enable attacks. The overwhelming leading factor cited was human error, accounting for 46.10% of failures. Other contributing factors involved:
- Emails appearing legitimate: 40.57%
- Compliance through trusted but compromised sources: 32%
- Fraud crossing multiple systems: 31.62%
- Security tools missing the threats: 25.33%
- Ineffective validations: 21.52%
Solutions and Path Forward
The report suggests four primary strategies for organizations aiming to minimize their fraud risks:
1. Unify Fraud Prevention Ownership: Establish a clear, collaborative ownership across finance and security.
2. Cross-Platform Detection: Deploy enhanced detection measures that span all operational layers.
3. Build Resilient Defenses: Adapt defenses capable of withstanding GenAI-driven threats.
4. Track Broader Impacts: Monitor not only direct losses but also the overall operational and compliance impact of fraud.
Conclusion
With the stakes high, organizations must act decisively to close the gaps in fraud prevention efforts, particularly between finance and security teams. Trustmi's ongoing research and advocacy in this domain highlight the paramount importance of a coordinated response to safeguard against social engineering fraud effectively. For more insights from the Trustmi 2025 Socially Engineered Fraud Risk Report, visit Trustmi's website.