ato presentation for federal reserve presentation.ppt · 2019. 1. 21. · •npi / pr research to...
TRANSCRIPT
![Page 1: ATO Presentation for Federal Reserve Presentation.ppt · 2019. 1. 21. · •NPI / PR research to beat KBA •Escalate online access Online •Phishing •Malware •Mass Compromise](https://reader035.vdocuments.mx/reader035/viewer/2022071406/60fb3ceef4102a15b8368b29/html5/thumbnails/1.jpg)
Welcome
![Page 2: ATO Presentation for Federal Reserve Presentation.ppt · 2019. 1. 21. · •NPI / PR research to beat KBA •Escalate online access Online •Phishing •Malware •Mass Compromise](https://reader035.vdocuments.mx/reader035/viewer/2022071406/60fb3ceef4102a15b8368b29/html5/thumbnails/2.jpg)
Cybercrime……is any crime that involves a computer and a network.
"The modern thief can steal more with a computer than with a gun. Tomorrow's terrorist may be able to do more damage with a keyboard than with a bomb".
– National Research Council, "Computers at Risk", 1991.
2012www.bsacoalition.org
![Page 3: ATO Presentation for Federal Reserve Presentation.ppt · 2019. 1. 21. · •NPI / PR research to beat KBA •Escalate online access Online •Phishing •Malware •Mass Compromise](https://reader035.vdocuments.mx/reader035/viewer/2022071406/60fb3ceef4102a15b8368b29/html5/thumbnails/3.jpg)
Cybercrime…
… is much more efficient from a criminal perspective. More reward and (usually) lighter penalties.
2012www.bsacoalition.org
![Page 4: ATO Presentation for Federal Reserve Presentation.ppt · 2019. 1. 21. · •NPI / PR research to beat KBA •Escalate online access Online •Phishing •Malware •Mass Compromise](https://reader035.vdocuments.mx/reader035/viewer/2022071406/60fb3ceef4102a15b8368b29/html5/thumbnails/4.jpg)
4
Cybercrime approaches are pervasive and driving bank fraud loss across almost all areas
Call CenterOnline research Defeat Knowledge Based Authentication
2012www.bsacoalition.org
Credit / Debit CardMalware compromise of payment systems Full track data
CheckView check images Counterfeit checks
Online Account TakeoverAutomated credential harvesting and utilization
![Page 5: ATO Presentation for Federal Reserve Presentation.ppt · 2019. 1. 21. · •NPI / PR research to beat KBA •Escalate online access Online •Phishing •Malware •Mass Compromise](https://reader035.vdocuments.mx/reader035/viewer/2022071406/60fb3ceef4102a15b8368b29/html5/thumbnails/5.jpg)
5
Account takeover fraud occurs when a fraudster obtains credentials and uses them to gain control of an account. Broadly 2 approaches:
2012www.bsacoalition.org
Social Engineering
• Branch– Impersonate customer
• Call Center– Brute force
Cybercrime (Technical Approach)
• Online– Phishing– Malware– Mass Compromises– Internet Research
Fraud rings often employ both approaches iteratively.
![Page 6: ATO Presentation for Federal Reserve Presentation.ppt · 2019. 1. 21. · •NPI / PR research to beat KBA •Escalate online access Online •Phishing •Malware •Mass Compromise](https://reader035.vdocuments.mx/reader035/viewer/2022071406/60fb3ceef4102a15b8368b29/html5/thumbnails/6.jpg)
6
Account takeover fraud is perpetrated in multiple ways but all approaches require defeating authentication and then removing money from the bank
Cash out accountsObtain Credentials
Social Engineering
Technical Attacks
Branch•Impersonate customer•Fake ID
Call Center•Social engineering•NPI / PR research to beat KBA•Escalate online access
Online•Phishing•Malware•Mass Compromise•Brute Force•Credential Reset via phone
Method•ACH•Wire•ATM / Debit•Check•BillPay•Counter W/D
Auth controls $Trans controls
Defenses should be built that look holistically throughout the fraud attack cycle. Single focus “silo” defenses will struggle to mitigate risk.
![Page 7: ATO Presentation for Federal Reserve Presentation.ppt · 2019. 1. 21. · •NPI / PR research to beat KBA •Escalate online access Online •Phishing •Malware •Mass Compromise](https://reader035.vdocuments.mx/reader035/viewer/2022071406/60fb3ceef4102a15b8368b29/html5/thumbnails/7.jpg)
7
Most account takeover fraud is perpetrated by organized criminal groups. It’s important to look for these collusive networks.
2012www.bsacoalition.org
Identify fraud and leverage data sources to find related activity
Map fraud networks with manual and automated tools
Design fraud ring specific logic and run until activity ceases
![Page 8: ATO Presentation for Federal Reserve Presentation.ppt · 2019. 1. 21. · •NPI / PR research to beat KBA •Escalate online access Online •Phishing •Malware •Mass Compromise](https://reader035.vdocuments.mx/reader035/viewer/2022071406/60fb3ceef4102a15b8368b29/html5/thumbnails/8.jpg)
8
Ring #1
Ring #2
Ring #3
Criminal networks can be extensive. Understanding connections makes defense easier and collaboration with law enforcement more productive.
Networks from 2010 J1 Money Mule Campaign
![Page 9: ATO Presentation for Federal Reserve Presentation.ppt · 2019. 1. 21. · •NPI / PR research to beat KBA •Escalate online access Online •Phishing •Malware •Mass Compromise](https://reader035.vdocuments.mx/reader035/viewer/2022071406/60fb3ceef4102a15b8368b29/html5/thumbnails/9.jpg)
9
The level of online threats remains high with no signs of decreasing
2012www.bsacoalition.org
![Page 10: ATO Presentation for Federal Reserve Presentation.ppt · 2019. 1. 21. · •NPI / PR research to beat KBA •Escalate online access Online •Phishing •Malware •Mass Compromise](https://reader035.vdocuments.mx/reader035/viewer/2022071406/60fb3ceef4102a15b8368b29/html5/thumbnails/10.jpg)
10
Capital One has seen a ramp in attacks targeting the commercial platforms
2012www.bsacoalition.org
0
50
100
150
200
250
300
350
2010 2011 2012 (Proj)
Year
Com
prom
ised
Cus
tom
ers
![Page 11: ATO Presentation for Federal Reserve Presentation.ppt · 2019. 1. 21. · •NPI / PR research to beat KBA •Escalate online access Online •Phishing •Malware •Mass Compromise](https://reader035.vdocuments.mx/reader035/viewer/2022071406/60fb3ceef4102a15b8368b29/html5/thumbnails/11.jpg)
11
Cybercriminals continue to create new malware and obfuscate existing code to make detection algorithms less effective
2012www.bsacoalition.org
![Page 12: ATO Presentation for Federal Reserve Presentation.ppt · 2019. 1. 21. · •NPI / PR research to beat KBA •Escalate online access Online •Phishing •Malware •Mass Compromise](https://reader035.vdocuments.mx/reader035/viewer/2022071406/60fb3ceef4102a15b8368b29/html5/thumbnails/12.jpg)
12
Key takeaways…•Cybercrime is increasingly prevalent but often hidden by approach
•Most cybercrime is organized and sizable (“isolated” events rarely are)
•It’s most efficient to fight account takeover fraud holistically.
2012www.bsacoalition.org