Twenty years of fighting financial fraud leaves you with a particular kind of pattern recognition.
In this episode of Fraud Signals, Richard, Acoru's CRO, sits down with Pablo, cofounder and CEO, to trace fraud prevention from the earliest phishing campaigns of 2002 all the way through to what generative AI means for the threat landscape ahead.
It is a rare conversation with someone who has been in the room for nearly every major shift in the industry, and who now believes the sector is overdue for a genuine technological reset.
Phishing caught everyone off guard. When it emerged in 2002, no vendor had a solution and no playbook existed. Teams had to build their own responses to a threat that lived entirely outside the bank's perimeter.
Malware dominated for nearly a decade. Zeus arrived in 2006 and for the better part of eight years, sophisticated malware ran directly on legitimate banking sites, making two-factor authentication far easier to bypass than anyone had anticipated.
The best fraudsters operate like businesses. They test techniques in the most complex markets first, then sell the method to others. A proven exploit in one country becomes a template everywhere else.
Scams have staying power. Other threat types burned out. Scams have not, and generative AI is about to make them considerably harder to spot and easier to personalise at scale.
GenAI is a weapon on both sides of the fight. Faster detection, better adaptability, improved accuracy on the defence. AI-generated video for extortion and self-adapting malware on the offence.
Fraud signals appear long before the transaction. Catching scam campaigns requires looking at signals before authorisation happens, and following up after. Monitoring the transaction itself is no longer sufficient.
By the time fraud hits hard, it is already too late to react. Deploying new technology in financial institutions takes time. Teams that wait for a significant impact before acting could spend years playing catch-up.