Modern Bank Fraud

Presented by Steve Cross, Regional Manager, SunTrust Bank Security

Post on 18-Mar-2018



Fraud Is Changing…..

As fraud moves from a crime utilizing paper and pen to theft by keyboard, bank fraud investigators must transition with it and learn to adopt new methods that take advantage of technology to turn the tables on the criminals.

Let's review the most popular techniques used by the modern fraudster to steal from banks and their customers….


Malware - What is a Trojan Virus?

A Trojan (as in Trojan Horse, get it?) is a type of malware that is disguised to appear useful, routine, or interesting in order to persuade a victim to install it. The injection vehicle is typically an email with an attachment or a website link. Trojans are used by thieves and hackers to gain access to computers. Users are typically tricked by some form of social engineering into loading and executing Trojans on their systems.

Once activated, Trojans can enable cyber-criminals to spy on you, steal your sensitive data, and gain backdoor access to your system. Two of the most popular are….


The Banking Trojan

Trojan-Banker programs are designed to steal your account data for online banking systems, e-payment systems, and credit or debit cards. They search for specific “cookie” files related to personal finance which have been stored on the computer by financial websites during a legitimate Internet visit.

Once the data is captured, the malware is programmed to “phone home” and transfer the information to the fraudster, who can log in at will and access your funds as though they were you. By far the most successful was “Zeus”….


ZEUS

Unleashed in 2007, Zeus was the first banking trojan to be hugely successful. It became so popular that it was actually sold to criminals by its inventor!

It infected tens of millions of machines and resulted in the theft of hundreds of millions of dollars until its creator called it quits in 2011. Hundreds of individuals served or are serving jail time for their involvement in Zeus-related scams.


The Ransom Trojan

This type of Trojan can modify your computer so that it blocks access to specific data or “locks” the machine altogether. Scary screen pop-ups appear, threatening users and intimidating them into paying to release their device (the ransom). The criminal pledges to unblock your data after you have paid the ransom money they demand, usually $200-$300, always via untraceable methods.

By far the most successful are “CryptoLocker / CryptoWall”, which are very active today. Even the FBI admits there is no way to unlock the computer without paying….


Typical Ransom Pop-Ups


Smart Phones

Smart phones are the fastest adopted technology in the history of mankind. In 2014, 1.3 billion new smart phones were purchased by consumers throughout the world while in 2015 predictions are that another 2 billion devices will be shipped.

Smart phones are actually 5% phone and 95% computer and the crooks are targeting them in the same way – for the same reasons. Email attachments / links and unscreened apps are the injection tools.

Android devices are generally more vulnerable than Apple due to operating system strength and the security of Apple Store applications. But, like a PC, no phone is bulletproof.


How Do I Protect My Phone?

• Passwords! This is the simplest step you can take for safety if lost or stolen. Make sure it is a strong password that is not similar to or associated with any other personal information.

• Install Security Software. Many companies offer security software designed especially for smartphones. But you gotta download the software updates to be fully secure.

• Watch what you’re doing on the phone. The same precautions taken while on your home computer apply to your smartphone. Double check URLs for accuracy, don’t open suspicious links, and make sure a site is secure (https) before giving any billing or personal information. Be wary of TMs (text messages) from unidentified numbers with links or attachments.

• Limit your activities while using public Wi-Fi. Try not to make purchases or access email while using a public hotspot. Public Wi-Fi is targeted by hackers since it is unsecured and provides direct access to your mobile device. Use your 3G or 4G network provider connection instead, as it’s more secure than using public Wi-Fi.


Business Email Compromise

The scammers send an email containing a bogus wire transfer request to a company employee, usually in the finance department, pretending to be the CEO or a senior executive.

Fraudsters often register domains very similar to the target company’s. Example: if the target is a user at georgiabankers.com, they’d create georgiabankers1.com, so the email comes from [email protected]. Many times the slight difference isn’t noticed until it’s too late.

Since many companies have strict controls (like dual approvals) for large wires, the scammers often submit requests for lower amounts hoping looser controls will increase the success rate. If successful, they frequently continue to submit additional requests until the scam is detected.
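The lookalike-domain trick described above can be screened for automatically. The following is an added example, not part of the original presentation: it classifies the domain in a From: header against the organisation's own domain using edit distance and brand-name reuse. The protected domain is the slide's example; the sample headers, function names and the distance threshold of 2 are assumptions made for illustration.

```python
from email.utils import parseaddr

# Assumption: the organisation's own domain, taken from the slide's example.
PROTECTED = ("georgiabankers.com",)

# Constructed sample From: headers, for illustration only.
SAMPLE_SENDERS = [
    "CFO <cfo@georgiabankers.com>",
    "CEO <ceo@georgiabankers1.com>",
    "CEO <ceo@georgiabankers-wires.net>",
    "Payroll <payroll@mail.georgiabankers.com>",
    "Vendor <billing@example.org>",
]


def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def classify_sender(from_header, protected=PROTECTED, max_distance=2):
    """Return 'trusted', 'lookalike' or 'external' for a From: header."""
    address = parseaddr(from_header)[1]
    domain = address.rpartition("@")[2].lower().rstrip(".")
    for real in protected:
        # The real domain or one of its subdomains.
        if domain == real or domain.endswith("." + real):
            return "trusted"
    for real in protected:
        brand = real.split(".")[0]
        # Near miss (added, dropped or swapped characters), or the brand
        # name reused inside a different domain.
        if edit_distance(domain, real) <= max_distance or brand in domain:
            return "lookalike"
    return "external"


def flag_lookalikes(from_headers):
    """Senders to hold for review before any wire request is acted on."""
    return [h for h in from_headers if classify_sender(h) == "lookalike"]


if __name__ == "__main__":
    for header in SAMPLE_SENDERS:
        print(f"{classify_sender(header):9}  {header}")
```

A threshold of 2 suits a long domain like this one; for short domains it would flag unrelated senders and should be lowered.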


How Big a Deal Is This?

• Perpetrators are believed to be members of organized crime groups from Africa, Eastern Europe, and the Middle East. They often target businesses that work with foreign suppliers or regularly perform wire transfer payments.

• Since the FBI’s Internet Crime Complaint Center (IC3) began tracking BEC scams in late 2013, it has compiled statistics on more than 7,000 U.S. companies that have been victimized—with total dollar losses exceeding $740 million. And that doesn’t include victims outside the U.S.!


Mobile Banking Fraud

Branch bank visits are declining at 6% per year as clients utilize electronic banking channels. Fraudsters “hide in the weeds” of all this traffic to create accounts, deposit bad checks and transfer funds without ever producing a photograph. Investigators are slow to learn how to take advantage of technology to identify suspects. It’s tricky from an IT standpoint, and each bank’s application is different.

And juries watch too much CSI on TV.


QUESTIONS ?