Fighting Cyber-Enabled Fraud 2025

Public key infrastructure (PKI). A framework of digital certificates and trusted authorities that verifies identities and enables encrypted communication on the internet. Reverse proxy. A service that sits in front of a website’s origin server, handling all incoming requests and responses. Reverse proxies conceal the origin server’s IP address and often terminate TLS/SSL sessions – meaning the user’s encrypted connection ends at the proxy. The proxy then inspects or filters the traffic and may establish new encrypted connections to the original server. This allows the proxy to apply security features such as distributed denial of service (DDoS) attack mitigation, web application firewalls or traffic analytics. Most large providers also operate as CDNs, combining performance and security functions. Criminals have been observed exploiting these services to hide infrastructure, obtain free TLS certificates and frustrate takedown efforts. Smishing. A form of phishing conducted through text messaging. The term originated from bad actors’ use of short message service (SMS) texts for phishing – discussed elsewhere in this paper – but this term now applies to any text-based messaging protocol or platform. Transport layer security (TLS) certificates. A digital credential (based on the X.509 standard) issued by a trusted certificate authority (CA) that verifies the identity of a website or service and enables encrypted communication using the TLS protocol. TLS certificates allow users’ browsers or applications to confirm they are connecting to the intended domain and to establish a secure, encrypted session. Although these are often called “SSL certificates” in industry jargon, secure sockets layer (SSL) was the predecessor to TLS and is now obsolete; modern encrypted connections use TLS exclusively. Vishing. A form of phishing conducted through voice calls or voicemail messages. Fighting Cyber-Enabled Fraud: A Systemic Defence Approach 23