Why Adaptive Crimes Are a Threat to Your Business—and Customers

Your dealership demands security solutions that also deliver near-real-time detection and prevention

While you’re reading this, adaptive cyber criminals may be targeting your dealership and your customers—to steal your money and their identities.


Today’s cyber thieves and hackers seem to remain one step ahead of security systems and theft deterrent tools, but that’s changing. That’s good news for any retailer, including auto dealerships.

Cyber crimes are adaptive crimes. Today’s cyber criminals and their tools continuously test the ability of known crime prevention and cybertheft deterrent measures. This is because traditional data security and theft/fraud detection tools that use pattern recognition to identify suspicious activities provide only reactive protection.

Your dealership demands security solutions that also deliver near-real-time detection and prevention. Fortunately, the technology to do so is available.

One of the newest cybercrime prevention strategies is supervised and unsupervised machine learning. This technology can identify transactional fraud patterns—and catch them when they first occur—so they can be stopped.

It can happen to you

In the increasingly digital and online sales environment of auto retailing, every dealership should be on high alert. Dealers should test vulnerabilities of both online and brick-and-mortar defenses to discover and correct their fraud, hack, and theft weaknesses.

In mid-February, the industry seemingly suffered a significant attack. According to the Banks Report, “someone sent an email to dealer executives, DMS vendor executives, and an industry consultant claiming to have used a team of hackers to obtain millions of CRM records” from three leading DMS systems.

Fortunately, this claimed attack was discovered to not be true, but it disrupted business for affected technology companies and their users.

In late 2016, however, databases of up to 100 dealerships using a smaller DMS company’s technology were reported to have been “leaked online,” releasing sales, payroll, and internal email communications records—as well as customer name and address data—noted the online digital security publication ZDNet.

And although dealers increasingly utilize mobile payment technologies, the cyber crime news site The Merkle cautions, “It is impossible to ignore the ingenuity with which internet criminals commit payment fraud these days.”

In addition, the European Union Agency for Network and Information Security says, “Phishing [a common method of online identity theft] has successfully reached the executive level: CEO fraud is now causing significant losses to companies.”

According to the National Cyber Security Alliance, relatively small businesses like auto dealerships are the principal target of cybercrime. More than 70% of attacks target small businesses, according to the Standards for Technology in Automotive Retail (STAR).

“Dealerships tend to have fewer data security safeguards in place and limited resources allocated to cyber security,” according to STAR.

In this age of connected dealerships, cars, and homes—combined with mobility tools’ proliferation in e-commerce—dealers and their employees, suppliers, and customers must be uber-vigilant to the potential of cybercrime and data leakage.

Learning new defenses

Technologies that identify and prevent cybercrime before it happens, says IBM, “cut down on false alarms” that can rattle customer confidence.

You may not realize it, but you are already familiar with machine learning. It’s the technology and methodology self-driving vehicles use to learn about the environment around them. These vehicles use various software systems and sensors to “learn the road.”

Machine learning also helps retailers recognize patterns in consumer behavior and lifestyle interests while they shop online, or when data is extracted from retailers’ sales databases. Machine learning can also reveal what you tweeted last night after that late-night party.

In addition, machine learning “watches” data structures and traffic across financial institutions, over database exchanges, and within payment systems—as well as everyday mobile and email usage—to detect data patterns that indicate early fraud.

Locks and wisdom, too

High-tech crimes aren’t the only criminal acts committed against auto dealerships. For instance, car thieves stole dozens of new cars from Chicago dealerships in recent weeks by breaking windows, locating unsecured vehicle keys, and then driving off with the vehicles.

Besides entire vehicles, parts—such as expensive tires and wheels—are hot theft items. A Texas dealerships recently incurred a $300,000 loss of 180 wheels and tires.

In addition to external theft, embezzlement and internal fraud still plague dealerships. Have you audited and tightened up your internal controls to reduce this risk in your stores?

Employees also continue to breach internal systems when plugging USBs that contain viruses into desktops. Not only do viruses and other cyber-troublemakers get into dealership systems and slow down processing, they also enable potent malware, such as Keylogger, to take root.

For example, this type of malware can set up house in an F&I office desktop or mobile-device keyboard, then capture nine-digit entries—Social Security numbers—and forward these valuable records to its creators.

To combat internal crime, your dealership needs to be vigilant by utilizing antivirus and malware-detection software, and enforce hard-and-fast rules about how paper deal jackets, repair orders, and other document containing personal information are handled, transmitted, and stored by your staff.

None of these foundational security tools, however, will totally thwart today’s adaptive criminals. Because of this ongoing threat, it may be time to investigate the services of a professional data security management provider. If you do, be sure to:

  • Get clarity on the provider’s exact security detection and prevention methodologies.
  • Ask specific questions, and be sure you understand the answers; if you don’t, perhaps it’s not the right security resource for you.
  • Consult your 20 Group for its suggestions.
  • Conduct your own online research.

Finally, become your own security advocate. Don’t allow yourself or staff to drift from standards of proper security protection and cybercrime detection.

Hold everyone accountable to be on alert in their area of responsibility—and to protect themselves, their customers, and your dealership from digital deception.

As senior vice president of marketing solutions for National Credit Center (NCC), Jim Cunningham is responsible for NCC’s Marketing Solutions. As a seasoned automotive veteran, Jim has extensive experience overseeing digital and predictive analytic marketing solutions that enable dealerships to market, and acquire new customers through innovative marketing tools.

Jim Cunningham

1 Comment

Leave reply

Your email address will not be published. Required fields are marked *