banking frauds

Banking FraudsAn analysis of Banking Frauds, causes and possible preventive Measures

Types of Banking Frauds• Identity Theft• Friendly Theft• Internal Bank Frauds

• These three categories includes different types of banking frauds that is done all through out the world

The Current Scenario-Banking Frauds

What Is a banking Fraud?

Presented by: Milinda Silva

Nordea Bank AB Company Profile• It is a universal bank, including corporate merchant banking, retail banking, and private

banking.• They are also one of the leading providers of life and pensions products in the Nordic

countries.• The headquarters is located at Stockholm, Sweden. • Nordea is active in Denmark, Finland, Norway, Estonia, Latvia, Lithuania, Poland, and Russia.

Their International network includes branches in New York, London, Frankfurt, Singapore, and Shanghai.

• The President/CEO is Christian Clausen.

Nordea Bank AB Company Profile

• They have 1,400 branches and serves about 11 million customers. • The key customer segment for Nordea is corporate clients.• The bank listed on the Copenhagen Stock Exchange, Helsinki Stock Exchange, and

Stockholm Stock Exchange.• Nordea operates an internet bank, holding more than 5.9 million online customers

engaging in more than 260 million payments per year.

The type of fraud, and how did the fraud take place

• In 2007 Nordea Bank AB was subjected to an online phishing scam. • The fraudsters managed to steal around 8m kronor ($1.1m; £576,000) from account holders. • The bank stated that their customers have been targeted by emails containing a customized

Trojan for months.• The believes that 250 customers have been affected by the fraud.• According to McAfee, the attack used a Trojan known as haxdoor.ki, to obtain customers

details.

The type of fraud, and how did the fraud take place

The Procedure: • First, Haxdoor installs keyloggers to record keystrokes. Then it hides itself using a rootkit. • Next, the payload of the .ki variant of the Trojan activates when users attempted to log in

to the Nordea online banking site.• As a result, online users were redirected to a false home page, where they entered

important log-in information, including log-in numbers. • After the users entered their valuable information an error message has appeared,

informing them that the site was experiencing technical difficulties.• Finally, the criminals managed to use the harvested customer’s details on the real Nordea

website to take money from their accounts.

How was it detected and remediated• According to industry newspaper Computer Sweden, the police have traced the fraudulent

emails first to computer servers in the US and then to Russia.• The thieves managed to evade detection by limiting their transfers to small sums.• Later, it was revealed that Nordea clients have been targeted by the phishing emails for at

least 15 months.• The police in Sweden have already managed to arrest over 100 middlemen in Sweden, who

have been working with the Russian hacker criminals.

Chip Authentication Program

• The CAP is a MasterCard initiative and technical specification for using EMV banking smartcards for authenticating users and transactions in online and telephone banking.

• It was also adopted by Visa as Dynamic Pass code Authentication.• CAP is a form of two-factor authentication as both a smartcard and a valid PIN must be

present for a transaction to succeed.• Nordea Bank AB hopes this system will reduce the risk of their customers entering their

details into fraudulent websites through phishing email attacks.

National Provincial Bank Westminster Bank

Mike O’Connell

Overview of Incident

• In April of 2012 he found that six separate transactions totaling to £7,450 had come out of his NatWest account.

• How was it detected?

“Told it was my fault even though bank never spotted suspicious payments”

Type of Fraud and remediation strategies

• Not a phishing email!

• Malware..

• “Trusteer Rapport”

Type of Malware

• Zeus Trojan or Zbot

• Egypt, the United States, Mexico, Saudi Arabia, and Turkey

Remediation

• Financial Ombudsman Service (FOS)

• UK police arrested 19 individual.

• $9.5 million stolen from online banking customers.

HSBC £72m Bank Fraud

• Started its operations in March 1865 in Hong Kong.

• Serves a customer base which is around 58 million in more than 80 countries ad it has around 7200 offices all over the globe covering Africa, Asia, Europe, North America and South America.

Background of the company

• HSBC has done some major acquisitions throughout the time, including acquisitions of Midland Bank (1992), OfficeMax (2005), Neiman Marcus Group (2005.

• Many of these acquisitions allowed HSBC to expand the diversity of its global operations.

• Currently, HSBC comprises of a total of 23 corporate entities.


• HSBC is a global financial company so it competes with a range of leading global banks and financial services providers, including Bank of America, Barclays, Citigroup, Deutsche Bank etc.


• HSBC is a universal bank and is organized within four business groups:

• Commercial Banking• Global Banking and Markets (investment banking)• Retail Banking and Wealth Management (retail banking and

consumer finance)• Global Private Banking. (HSBC)


• As of 31st December 2012, it had total assets of $2.637 trillion, of which roughly half were in Europe, a quarter in the Americas and a quarter in Asia.


• Wire Fraud

• Former HSBC worker tried to steal £72m ($141m) from the bank through an audacious electronic heist

Type of the fraud

• Jagmeet Channa aged 25, who worked at the firm's headquarters.

• He stole couple of his colleagues' log-in credentials to transfer £72m from HSBC to accounts held with Barclays Bank in Manchester (£24m) and in Morocco (£48m).

Type of the fraud

• It happened on Friday, 18 April 2008. Channa, while working at HSBC's UK headquarters authorized two seemingly straightforward transactions. But they were made using passwords stolen from colleagues.

• That morning, Channa wired £48m to an account at French bank Société Générale in Casablanca, Morocco. Then moments later, he dispatched £24m to a branch of Barclays in Manchester.

How did the fraud take place

• It was totally audacious, and said to be the biggest fraud of its kind in the UK.

• He pulled off the biggest crime in British history in terms of the amount of cash stolen.

How did the fraud take place

• Banking security officials in Malaysia had noted a double transaction, prompting 'cause for concern'. Channa had used a global financial holding account where vast amounts are paid in then removed. At the close of daily trading, the account should register zero.

• But Channa had inexplicably forgotten to change it and his holding account was showing a massive debt.

How it was detected

• Channa's decision to execute the crime on a Friday.

• Had Channa committed the fraud during the active trading of the working week, his scam may have remained undetected.

How it was detected

• Even though in reality the money had gone, and the theft had taken place by the time officials were aware of it, HSBC officials contacted both Barclays and the bank in Morocco and the transferred £72m was frozen and returned to HSBC.

• Meanwhile, City of London police arrested, but quickly released, the two colleagues whose identities Channa had stolen.

How it was remediated

• Five days after committing the transaction, Channa was arrested.

• The following day Channa was charged with conspiracy to defraud, money laundering and abuse of trust. Within a week of committing the fraud, he was facing jail.


• Yet for the police and international banks, the inquest had only just begun. Even now, officers have no idea for how long the crime was being planned.


How to Protect yourself from frauds as a bank?

How to protect yourself from Banking Frauds as a consumer?

Questions?

Thank You

banking frauds

Business