The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved. -1--1- Incident 1 Regional Bank in the.

Slides:



Advertisements
Similar presentations
Credit Card Processing 101
Advertisements

ING Fraud Collection GPCE Credit Union has arranged a collection of scams, outlining the most prevalent financial scams. We want our members to be aware,
Identity theft Protecting your credit identity. Identity Theft Three hundred forty three million was lost from consumers in 2002 The number of complaints.
Part I: Making Good Online Choices
Banking. Agenda Start time: ____ Break time: ____ (10 minutes) End time: ____ Please set phones to silent ring and answer outside of the room.
1.7.6.G1 © Family Economics & Financial Education –March 2008 – Financial Institutions – Online Banking – Slide 1 Funded by a grant from Take Charge America,
Prepared for: Presented by: Risky Business 2012 Conference Tony La Rosa, Manager Mid-Iowa Credit Counseling Park Fair Mall 100 E. Euclid Ave., Ste. 157.
The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.
Friday June 6, 2014 OBJ: SWBAT understand what identity theft is, what the consequences are, and how to prevent it. Drill: What statement is this cartoon.
1. What is Identity Theft? 2. How Do Thieves Steal An Identity? 3. What Do Thieves Do with Stolen Identities? 4. What Can I Do To Avoid Becoming a Victim?
Deter, Detect, Defend: The FTC’s Program on Identity Theft.
1 Identity Theft and Phishing: What You Need to Know.
BEWARE! IDENTITY THEFT CARL JOHNSON FINANCIAL LITERACY JENKS HIGH CSHOOL.
Identity Theft Someone steals your personal information for his/her own gain It’s a crime!
What is identity theft, and how can you protect yourself from it?
1.3.1.G1 © Family Economics & Financial Education – Revised October 2004 – Consumer Protection Unit – Identity Theft Funded by a grant from Take Charge.
David Abarca, Instructor Del Mar College Computer Corner Phishing, Pharming, Spear-Phishing, and now…. Vishing.
1 Identity Theft: What You Need to Know. 2 Identity Theft Identity theft is a crime of stealing key pieces of someone’s identifying information, such.
Substitute FAQs SubFinder Overview. FAQs Do I have to have touch-tone service to use SubFinder? No, but you do need a telephone that can be switched from.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
1.7.2.G1 Electronic/Online Banking & Bill Pay Take Charge of Your Finances.
1.7.6.G1 © Family Economics & Financial Education –March 2008 – Financial Institutions – Online Banking Funded by a grant from Take Charge America, Inc.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
© Oklahoma State Department of Education. All rights reserved. 1 Beware! Consumer Fraud Standard 9. 1 Fraud and Identity Theft.
Electronic Payment By: El Panda. What is an electronic payment? Electronic money (also known as e-currency, e-money, electronic cash, electronic currency,
BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 
DIGITAL CITIZENSHIP 6 TH – 8 TH UNIT 1 LESSON 3 SCAMS & SCHEMES What is identity theft, and how can you protect yourself from it?
COMPUTER CRIME AND TYPES OF CRIME Prepared by: NURUL FATIHAH BT ANAS.
Beware! Consumer Fraud Module 9.1.
Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.
Cyber Crimes.
STAY CONNECTED TOLLFREEEXPRESS CONTROL PANEL GUIDE.
3.1.G1 © Family Economics & Financial Education – Revised October 2004 – Consumer Protection Unit – Identity Theft Funded by a grant from Take Charge America,
Identity Theft  IDENTITY THEFT occurs when someone wrongfully acquires and uses a consumer’s personal identification, credit, or account information.
Agent Activation Portal. Capabilities New Customer Activation New Customer Activation Status Existing Customer Verifications Check rate plans, contract.
© Oklahoma State Department of Education. All rights reserved. 1 Beware! Consumer Fraud Standard 9. 1 Fraud and Identity Theft.
BTT12OI.  Do you know someone who has been scammed online? What happened?  Been tricked into sending someone else money (not who they thought they were)
About Phishing Phishing is a criminal activity using social engineering techniques.criminalsocial engineering Phishers attempt to fraudulently acquire.
Phishing Internet scams. Phishing phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and.
Topic 5: Basic Security.
Protecting Yourself from Fraud including Identity Theft Advanced Level.
By: Asfa Khan and Huda Mukhtar
Jeff loses his identity! Lesson 8: Identity Theft.
INTRODUCTION & QUESTIONS.
Protecting Yourself from Fraud including Identity Theft Personal Finance.
Identity Theft PD Identity Theft Identity theft is a serious crime which can: Cost you time and money Destroy your.
Protecting Yourself from Fraud including Identity Theft Advanced Level.
1.7.2.G1 © Family Economics & Financial Education – Revised May 2005 – Financial Institutions Unit – Electronic Banking Funded by a grant from Take Charge.
Unit Five Your Money – Keeping It Safe and Secure Identity Theft Part II Resource: NEFE High School Financial Planning Program.
Sources of Network Intrusion Security threats from network intruders can come from both internal and external sources.  External Threats - External threats.
WHAT IS IDENTITY THEFT?  Identity thieves take your personal information and use it to harm you in various ways, including these:  User names, passwords,
Issues for Computer Users, Electronic Devices, Computer and Safety.
Mobile Money 1/37 Fiserv Mobile Money Staff Education © 2010 Beavercreek Marketing, a division of Beavercreek Inc. All rights reserved. All trademarks.
SAP – our anti-hacking software. Banking customers can do most transactions, payments and transfer online, through very secure encrypted connections.
Jeff loses his identity! Lesson 5: Identity Theft.
Wegus InfoTech Pvt. Ltd. Wegus InfoTech Pvt. Ltd. Inspiring Business Performance SMS for Banks and Insurance Companies.
WHAT YOU NEED TO KNOW Chevron Federal Credit Union Great Rates. Personal Service. chevronfcu.org  
E-C OMMERCE : T HE E -C ONSUMER AND THE ATTACKS AGAINST THE PERSONAL DATA Nomikou Eirini Attorney at Law, Piraeus Bar Association Master Degree in Web.
Outline of this module By the end of this module, you will be able to: Understand the benefits that internet banking provides; Name the different dangers.
CNP Fraud. Occurs when a fraudster falsifies an application to acquire a credit card using an individual’s personal information. (Eg: postal intercept)
Identity Theft It’s a crime!
Mrs. Esman Computer Special
Take Charge of your Finances
Take Charge of your Finances
Cybersecurity Awareness
Information Security Session October 24, 2005
Protecting Yourself from Fraud including Identity Theft
Business Compromise and Cyber Threat
Take Charge of your Finances
Founded in 2002, Credit Abuse Resistance Education (CARE) educates high school and college students on the responsible use of credit and other fundamentals.
Presentation transcript:

The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved Incident 1 Regional Bank in the nations Heartland with $1B in assets Phase I : Reconnaisance Collect all of publicly available bank customers information Phase II : Collection Aggressively Phish the bank customers with targetted s Text Message Phish clients "Vish" the clients Phase III : Monetization Shared stolen information with "money mules" in United States and received 50% of the proceeds

The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved Vishing Vishing is the practice of leveraging Voice over Internet Protocol (VoIP) technology to trick private personal and financial information from the public for the purpose of financial reward. The term is a combination of "voice" and phishing. Vishing using social engineering techniques.Voice over Internet ProtocolVoIP phishingsocial engineering Vishing exploits the public's trust in landline telephone services, which have traditionally terminated in physical locations which are known to the telephone company, and associated with a bill-payer. However, with the advent of VoIP, telephone services may now terminate in computers, which are far more susceptible to fraudulent attacks than traditional "dumb" telephony endpoints.

The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved Attack Process The criminal configures a war dialer to call phone numbers in a given region. In this Incident criminals setup numbers in the local exchangewar dialer When the phone is answered, an automated recording is played to alert the consumer that their credit card has had fraudulent activity and the consumer should call the following phone number immediately. The phone number could be a toll free number often with a spoofed caller ID for the financial company they are pretending to represent. When the consumer calls the number, it is answered by a typical computer generated voice that tells the consumer they have reached account verification and instructs the consumer to enter their 16-digit credit card number on the key pad. Once the consumer enters their credit card number, the visher has all of the information necessary to place fraudulent charges on the consumer's card. The call can then be used to harvest additional details such as security PIN, expiry date, date of birth, bank account number, etc.

The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved Dear Bank Customer, (Personal introduction including bank name) We have detected fraudulent activity against your credit card and have temporarily disabled it. We ask that you please contact our fraud department immediately at In the meantime you will not be able to use your credit card. If you do not contact us we will allow the charges to post against your account and you will be responsible for paying for them. Again the number is (LOCAL EXCHANGE NUMBER, changed several times) Not paying will result in a late payment report being filed with the credit agencies. the number is Introduction Call

The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved Thank you for contacting the Fraud department, we are committed to protecting your identity. At anytime you may press 0 to talk to an customer service agent. We are experiencing a high call volume and the current wait time is 37 minutes. We appreciate your business and thank you for being a customer. In order to provide accurate and reliable service please say your name. Thank you, please enter your credit card number. Please enter the expiration date as two digits for the month followed by two digits for the year. Please enter the C V V number located on the back of the card followed by pound. Return Call from Target

The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved Emerging threats Example Romanian Hacking Group Government instituted reforms to educate younger generations in technology to get out of Russian control Generations of organized, specialized, highly trained, out of work technologists Romania has one of the poorest economies in the European Union Anti-American sentiment and culture that supports Unskilled and poorly equiped law enforcement

The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved Russia - Georgia Conflict Physical and cyber warfare operations coincided with the final "All Clear" for Russian Air Force between 0600 and 0700 on August 9,2008 Physical and cyber warfare shared targets, media outlets and local government communication systems in the city of Gori Further cyber warfare operations against new targets in Gori coincided with traditional physical warfare target

The Information Security Experts Copyright © 2008 SecureWorks, Inc. All rights reserved Incident 3 Malware Installed on target's machine Gmail username and password stolen Criminals track personal life of target Learn target is going to Hawaii for 2 weeks When the target leaves they Have his postal mail forwarded ( Get his phone number changed Get his cell phone disconnected Fill his account with porn. Steal $1,000, from account Bank can not contact customer and allow transfer to occur

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.