On-demand recording is available now!
Third-party financial aggregators might make life easier for users, but they can be a new attack vector for those looking to defraud your institution and its customers.
Each time a new list of leaked credentials goes into circulation, criminals use them for credential-stuffing attacks on aggregators, as well as other targets. Once working aggregator credentials have been identified, attackers move on to siphon funds out of their victims’ accounts.
Furthermore, some aggregators explicitly aim to use their positions to disintermediate banks and other financial institutions from their customers.
What steps can banks take to:
Dan Woods
VP Shape Intelligence Center