PayPal ‘encourages vigilance’ to help prevent cyber crime


We need a really diverse group of people with the right skills to join this workforce and help us fight, says PayPal’s Head of Information Security, Daniela Fernandez.

PayPal’s Head of Information Security, Daniela Fernandez is driven by the need to provide security to customers.

Many years ago, her mother was physically robbed at gunpoint walking out of a bank in Colombia and was lucky to survive the attack. At the time, Fernandez was studying computer science and software engineering at a university in South America. The experience was what prompted Fernandez to decide that she wanted to combat crime using her knowledge.

However, there was no Masters degree available in information security where she was living, so she came to Australia in 2006 to learn English then again in 2008 when she completed a Masters in analytics. She worked at Commonwealth Bank detecting fraud and cyber security, moved to Deloitte and then joined PayPal in August 2021. She leads technology and information security strategy at PayPal in Australia in conjunction with the global technology team to protect company information and customers.

“Social engineering is the biggest threat for customers. When you look at the [cyber] attacks that have happened across the world, most of the attacks are not sophisticated,” says Fernandez in an interview with Forbes Australia.

The perpetrators “hack our human psychology”, she says. The acceptance and widespread use of shopping online and the fast pace of messaging and information delivery means the public is prone to phishing, identity theft and fraud.

Australian Bureau of Statistics (ABS) data shows that online retail shopping has doubled from pre-pandemic levels to around 11%.

Merchants and consumers are vulnerable, but PayPal is a “trusted brand” operating in over 200 markets with 400 million users and can use predictive algorithms the data produces to help detect online crime. Every transaction is monitored and guarded behind encryption to help prevent financial loss and identity theft.

During the 2021–22 financial year, over 76,000 cybercrime reports were made via ReportCyber, an increase of nearly 13% from the previous financial year, according to the Australian Cyber Security Centre. One cybercrime report is made approximately every 7 minutes, compared to one report every 8 minutes in 2020–21.

What gets reported isn’t the whole picture, Fernandez says. “We encourage vigilance,” she says and suggests the use multi-factor authentication can help.

Some recent highly publicised cyber-attacks in Australia have made people more aware about online crime and security, she says. “They now think more about privacy and that they need to take care of their information and become more savvy. More and more individuals are taking the time to learn about financial literacy and e-safety.”

She asks colleagues to pick one person they know each week to explain to them about the importance of cyber security and how they can apply techniques to keep themselves safer online.

“In cyber security, one of the issues we face is a skills shortage. Finding the people to help us is a challenge. Cyber criminals work around the world and can target everywhere, and they collaborate. We need a really diverse group of people with the right skills to join this workforce and help us fight.”

Further reading

2022: The year of the data breach