Disruptive Innovation in Cybercrime Techniques

Post on 12-May-2015

Category:

Technology

DESCRIPTION

Etay Maor, Senior Fraud Prevention Strategist, Trusteer (an IBM company). Summer Course "Disruptive innovation in security technologies" (Curso de Verano "Innovación Disruptiva en tecnologías de seguridad"), URJC's Vicálvaro Campus.

TRANSCRIPT

Disruptive Innovation in Cybercrime Techniques

Etay Maor

Senior Fraud Prevention Strategist

© IBM Trusteer, 2014

Security Silos FAIL!

Targeting Security Solutions:

External and Perimeter

Anti virus

Sandbox

VMs

Login

Credential protection and encryption

OTP SMS

Device ID

Internal

Behavior anomaly detection

Clickstream analysis

Malware Protection

Malware Protection

Malware Protection - Outsource

Device Forging

Bypassing Device ID

Notification

Login Injection

Bypassing Device ID

RDP

Transaction

Behavior and Device ID Tricks

The data source:

Large European bank

3 weeks' worth of data

1.5M accounts reviewed

10M login attempts

Fraudsters know behavioral profiling is in action

Fraud does not happen on the first login

30% of the users come from a mobile device

Confirmed fraud coming from the mobile channel. WHY?

New Mobile Threats

How Times Have Changed…

Trusteer Confidential 2013 ©

Ajax Vs Barcelona

Ajax Vs Barcelona???

Overlay Mobile Attack

Overlay Mobile Attack

Mobile SVPENG

Mobile SVPENG

C&C – ransomware preparations

Mobile Ransomware

Thank You
