Utilizing Internet for Fraud Examination and Investigation
9 likes1,591 views
The document discusses the definition, types, and motivation behind fraud, contrasting it with lying and addressing internal versus external fraud. It also covers the nature of cyber crime, its classifications, notable cyber crime incidents, and the emergence of a cyber crime-as-a-service marketplace affecting the prevalence and methods of cyber attacks. Additionally, it touches upon mobile attack vectors and the profiles of cyber criminals.
![April 2016
Source: IBM [1] UNODC Comprehensive Study on Cybercrime, 2013
24](https://image.slidesharecdn.com/utilizinginternetforfraudexaminationandinvestigationforslidesharev1-160403111651/85/Utilizing-Internet-for-Fraud-Examination-and-Investigation-24-320.jpg)
![April 2016
Source: IBM
[2] FBI: Crime in the United States 2013
[3] United California Bank Robbery
[4] Center for Strategic and International Studies
25](https://image.slidesharecdn.com/utilizinginternetforfraudexaminationandinvestigationforslidesharev1-160403111651/85/Utilizing-Internet-for-Fraud-Examination-and-Investigation-25-320.jpg)
![April 2016
Source: IBM [6] ESG: http://bit.ly/1xzTmUW
26](https://image.slidesharecdn.com/utilizinginternetforfraudexaminationandinvestigationforslidesharev1-160403111651/85/Utilizing-Internet-for-Fraud-Examination-and-Investigation-26-320.jpg)
![Mobile Encounters Larger Attack Surface
β’ In 2015 1.5 billion units are shipped.[1]
β’ Vast majority of mobile malware is still focused on Android
platform due to open platform and popularity with 79%, iOS of
15% and 5% the rests [2]
β’ Banking Trojans, used with SMS sniffers, are increasing
A user is persuaded through social engineering to
download mobile malware from their PC.
Scenario
During online banking session, a screen pop up
inviting user to download a mobile app (masquerading as
a security feature), which is actually SMS sniffer.
When the user's bank detects unusual activity, such
as high-value wire transfer, and sends an out-of-band
one-time password to user's mobile that must be
entered to authorize the transaction, the criminal can
intercept it and complete the transfer to their own account.
April 2016 30
[1] IDC Worldwide Smart Phone 2015-2019 Forecast and Analysis
[2] IDC Worldwide Quarterly Mobile Phone Tracker](https://image.slidesharecdn.com/utilizinginternetforfraudexaminationandinvestigationforslidesharev1-160403111651/85/Utilizing-Internet-for-Fraud-Examination-and-Investigation-30-320.jpg)
Utilizing Internet for Fraud Examination and Investigation
- 1. Utilizing Internet for Fraud Examination and Investigation Within Banking E-Channels and Cyber Crime
- 3. 1ST SESSION: REDEFINING FRAUD, EXAMINATION, INVESTIGATION AND CYBER CRIME April 2016 3
- 4. Letβs Start First with Fraud DEFINITION Oxford Dictionary β’ Wrongful or criminal deception intended to result in financial or personal gain. or β’ A person or thing intended to deceive others, typically by unjustifiably claiming or being credited with accomplishments or qualities. Association of Certified Fraud Examiner (ACFE) β’ Any crime for gain that uses deception as its principal modus operandi. Blackβs Law Dictionary β’ A knowing misrepresentation of the truth or concealment of a material fact to induce another to act to his or her detriment. or β’ Any intentional or deliberate act to deprive another of property or money by guile, deception, or other unfair means. April 2016 4
- 5. Fraud vs Lying β’ Fraud usually involves lying for a specific gain that causes someone loss while lying does not always include hurt. β’ Example, if we take our car to an unscrupulous mechanic, he may tell us he makes $1,000 a year. If this is a lie, it does not hurt us. β’ However, if our car does not need repairs but the mechanic says our car needs $500 in body work, he/she has committed fraud because truth is twisted and causes financial loss for us. April 2016 5
- 6. Types of Fraud β’ Internal Fraud When employee, manager, or executive commits fraud against his or her employer. β’ External Fraud Vendors, customers, suppliers, integrators, consultants, and other third parties (known or unknown). April 2016 6 Image courtesy of: City Caucus
- 7. April 2016 7 Courtesy of ACFE
- 8. Fraudβs Motives β’ Donald Cresseyβs hypothesis April 2016 8 Courtesy of ACFE
- 9. Fraud Examination and Investigation April 2016 9 Courtesy of ACFE
- 10. Fraud Examination and Investigation (contβd) April 2016 10 Courtesy of ACFE
- 11. Examination versus Audit April 2016 11 Courtesy of ACFE
- 12. Examination versus Audit (contβd) April 2016 12 Courtesy of ACFE
- 13. Fraud Examination vs Forensic Accounting β’ Different but related. β’ FA is done by accountants using Accounting Skills in anticipation of potential or actual civil or criminal litigation and can include fraud, valuation, bankruptcy, and others. β’ FE conducted by either accountants or non-accountants and refer only to anti-fraud matters. β’ Most FE involve forensic accounting but not all forensic accounting is fraud examination. β’ Simply because majority of examinations, investigations, and reports regarding fraud are done with βan eye toward litigation.β β’ FE conduct their examination with assumption the case may end in litigation. April 2016 13
- 14. Redefining Cyber Crime What Crime is? βAn event, which subjects the doer to legal punishment or any offence against morality, social order or any unjust or shameful actβ ~ Oxford Dictionary April 2016 14
- 15. What Crime is All About? Doing Crime is Illegal? Being a criminal = a bad person? Crime = Illegal against Law + Bad Motive(s) + On Purpose Crime != Illegal against Law + Unintentional + Good Motive (s) Crime != Illegal against Law + Unintentional + Bad Motive (s) Crime != Illegal against Law + On Purpose + Good Motive (s) April 2016 15
- 16. What Crime is All About? (contβd) Therefore CRIMES are NOT to be MEASURED by the ISSUE of EVENTS, but by BAD INTENSION of a PERSON or ENTITY. April 2016 16
- 17. Then Cyber Crime isβ¦ β’ An unlawful act wherein computer/machine is either a tool or a target or both. β’ Punishable by (Information Technology) Act. β’ Happened in and or through cyber space. β’ Former descriptions were "computer crime", "computer-related crime" or "crime by computerβ. β’ Other forms include "digital", "electronic", "virtual" , "IT", "high-tech" and technology-enabled" crime. April 2016 17
- 18. Laws and Regulation on Indonesia β’ Telecommunication Act No. 36/1999 focused on Telecommunications Infrastructure briefly; Not internet in particular. β’ Information and Transaction Electronic Act No. 11/2008 for legal enforcements against cyber crime. β’ Copyright Act No. 19/2002. β’ Pornography Act No. 44/2008. β’ Electronic System Provider and Electronic Transaction Regulation No. 82/2012. April 2016 18
- 19. Cyber Crime Categories β’ Computing Devices as a Target Using those devices to attacks other devices e.g. Hacking, virus/worms attacks, DoS attack, etc. β’ Computing Devices as a Weapon Using those devices to commit real-world crimes e.g. cyber terrorism, credit card fraud, etc. April 2016 Image courtesy of chakreview.com 19
- 20. Cyber Crime Categories (contβd) From victim point of views: 1. Cyber crime on Persons e.g. Harassment occurred in cyberspace, or through the use of cyberspace (sexual, racial, religious, or other) and cyber bullying. 2. Cyber crime on Groups/Organizations Targeting particular or certain organizations or groups whether profit or non-profit. Often time those who reside as financial industry players. April 2016 20
- 21. Cyber Crime Categories (contβd) 3. Cyber crime on Property e.g. Computer vandalism (destruction of others' property), transmission of harmful programs, unauthorized intrusion through cyber space, unauthorized possession of computer information. 4. Cyber crime on Government e.g. Cyber terrorism is one distinct kind of crime in this category. April 2016 21
- 22. In 2014 according to Federal Bureau Investigation (FBI): β’ Viruses β’ Employee abuse of privileges β’ Unauthorized access by insiders β’ Denial of Service (DoS, DDoS) β’ System penetration from the outside β’ Theft of proprietary information (User ID and password) and devices β’ Sabotage of data/networks β’ Proving/scanning systems β’ Financial fraud Notable Cyber Crimes April 2016 Image courtesy of indiatimes.com 22
- 23. ο Manipulate data integrity ο Sniffing ο Keylogger ο IP spoofing Notable Cyber Crimes (contβd) April 2016 Image courtesy of @TrojanLax 23
- 24. April 2016 Source: IBM [1] UNODC Comprehensive Study on Cybercrime, 2013 24
- 25. April 2016 Source: IBM [2] FBI: Crime in the United States 2013 [3] United California Bank Robbery [4] Center for Strategic and International Studies 25
- 26. April 2016 Source: IBM [6] ESG: http://bit.ly/1xzTmUW 26
- 27. Cyber Crime-as-a-Service Marketplace β’ Continues to mature over the past two years. β’ Enables more fraudsters to cash in without needing to understand the chain of fraud, how to phish or spam, or IT infrastructure requirements. β’ Becomes fiercely competitive. β’ Cybercrime 'service providers' must work harder than ever before to win and keep 'customers.β β’ Generalized increase in quality of malware produced. β’ Enables much larger pool of bad actors with no technical knowledge to profit from. April 2016 27
- 28. Cyber Crime-as-a-Service Marketplace (contβd) β’ Many types of attack are simple and low cost. β’ Phishing attacks: 500,000 email addresses cost $30. β’ Hosting a phishing site can be more or less free. β’ Thousands of credit cards can be stolen in return for around $100. April 2016 28
- 29. Cyber Crime-as-a-Service Marketplace (contβd) April 2016 29 Image courtesy of EMC
- 30. Mobile Encounters Larger Attack Surface β’ In 2015 1.5 billion units are shipped.[1] β’ Vast majority of mobile malware is still focused on Android platform due to open platform and popularity with 79%, iOS of 15% and 5% the rests [2] β’ Banking Trojans, used with SMS sniffers, are increasing A user is persuaded through social engineering to download mobile malware from their PC. Scenario During online banking session, a screen pop up inviting user to download a mobile app (masquerading as a security feature), which is actually SMS sniffer. When the user's bank detects unusual activity, such as high-value wire transfer, and sends an out-of-band one-time password to user's mobile that must be entered to authorize the transaction, the criminal can intercept it and complete the transfer to their own account. April 2016 30 [1] IDC Worldwide Smart Phone 2015-2019 Forecast and Analysis [2] IDC Worldwide Quarterly Mobile Phone Tracker
- 31. Mobile-Only Attack Vectors β’ Premium rate scams Scenario Scammers persuade user to send SMSs or make calls to premium-rate numbers from their mobile, with the scammers collecting the cash that results. β’ Data stealers and spying apps Scenario These apps switch on a phone's camera or audio, so that a criminal can watch the user's face to see whether he or she is being convinced by a social engineering attempt; or record what the user says during calls to their bank. They can also steal address book data, lift photos from the phone and get the deviceβs geo location. April 2016 31
- 32. Mobile-Only Attack Vectors (contβd) β’ Initiated by rogue mobile apps rather than malware. β’ Misuse trust to steal information and money by persuading users to give them permissions during the installation process. β’ Many users simply click 'Next' without reading each screen, and fail to notice. β’ App has gained super-user privileges which provide full access to the phone's features. β’ May even make the app impossible to uninstall. April 2016 32
- 33. Mobile-Only Attack Vectors (contβd) April 2016 33 Image courtesy of EMC
- 34. Ransomware Continues β’ In mobile devices, such as Police Locker capitalizing typical user behavior during installation. β’ Gain privileges needed to lock the device. β’ Give instruction to pay a ransom to unlock their files (or to 'pay a fine' because the phone supposedly contains 'illegal content'). β’ Ransoms generally have to be paid via an online payment system, such as Bitcoin, or prepaid cash cards (untraceable and non-reversible). April 2016 34
- 35. April 2016 35 Image courtesy of EMC
- 36. Cyber Criminals: Who They Are? β’ Kids (age group below 17) β’ Disgruntled employees β’ Organized hacktivists β’ Professional hackers (corporate espionage) either white or black hats β’ Cyber Terrorist (political motive) April 2016 Image courtesy of Travaux 36
- 37. April 2016 Thank You! Image: UltraHighDefinitionWallpepers 37 Thank You! Image courtesy of waystobuildabusinessonline.com