Presentation is loading. Please wait.

Presentation is loading. Please wait.

U.S. Department of Homeland Security United States Secret Service MCPF PRESENTATION Evolving Financial CrimeTrends & The Gateway ECTF ASAIC Doug Roberts.

Published byRoss Joseph Modified over 8 years ago

Similar presentations

Presentation on theme: "U.S. Department of Homeland Security United States Secret Service MCPF PRESENTATION Evolving Financial CrimeTrends & The Gateway ECTF ASAIC Doug Roberts."— Presentation transcript:

1 U.S. Department of Homeland Security United States Secret Service MCPF PRESENTATION Evolving Financial CrimeTrends & The Gateway ECTF ASAIC Doug Roberts

2 U.S. Department of Homeland Security United States Secret Service Financial Crimes Investigations Evolving Trends  Crimes are getting more complex with larger fraud losses  Increasing use of new technologies  Multiple suspects involved in higher percentage of investigations  Organized crime and international links  Eastern Europe; Ukraine, Romania, Bulgaria, etc  U.S. is not alone. Australia, Spain, UK, etc

3 U.S. Department of Homeland Security United States Secret Service Financial Crimes Investigations How Account Numbers Are Obtained Consumer Level:  Card skimming  ATM skimming  Gas pump skimming  Wireless skimming  Phishing Industry Level:  Network Intrusions / Data Breaches  Collusive employees  Malware, Trojans, Worms

4 U.S. Department of Homeland Security United States Secret Service Financial Crimes Investigations What is ATM Skimming?  The copying of account information that is electronically stored on a bank card during an attempt to use an ATM. This is coupled with a stolen PIN via pin hole camera, keypad overlay, etc.  The stolen data/information is re-encoded on “white plastic” or counterfeit cards to make unauthorized withdrawals.

5 U.S. Department of Homeland Security United States Secret Service Average Bank Robbery Loss: $4,854 Average ATM Skimming Loss: $33,000 Financial Crimes Investigations The Cost of ATM Skimming

6 U.S. Department of Homeland Security United States Secret Service The equipment is available over the Internet. The software and hardware are very user friendly and extremely mobile. The skimmed information can be transmitted via e-mail anywhere in the world within hours after it is skimmed. Skimming devices attached to ATM’s to read users' card details increasingly return their data to criminals via SMS text messages. The new generation of skimming devices no longer store the data over a period of time for later collection, but transmit it via SMS direct to the criminals, allowing them to clone accounts from the comfort of their own living room. Financial Crimes Investigations Why is Skimming popular

7 U.S. Department of Homeland Security United States Secret Service Fraudulent transactions frequently occur within 24-48 hours of the compromise Financial Crimes Investigations Skimming Usually the fraud stops after 10-14 days because the account is depleted or the criminals realize that the risk of the compromise being discovered is greater Usually do not skim cards at any one location for more than a couple of days.

8 U.S. Department of Homeland Security United States Secret Service Financial Crimes Investigations ATM Skimming

9 U.S. Department of Homeland Security United States Secret Service PIN hole camera assembly mount placed above key pad to capture PINs Mounted over original ATM card reader Financial Crimes Investigations ATM Skimming

10 U.S. Department of Homeland Security United States Secret Service

11 U.S. Department of Homeland Security United States Secret Service

12 U.S. Department of Homeland Security United States Secret Service What Do The Criminals Do Next With The Information?

13 U.S. Department of Homeland Security United States Secret Service Counterfeit Card Lab

14 U.S. Department of Homeland Security United States Secret Service Counterfeit Cards “White Plastic”

15 U.S. Department of Homeland Security United States Secret Service “Dumped” Card Information is Transmitted Overseas and Sold on the Internet – Carding Portals

16 U.S. Department of Homeland Security United States Secret Service What are Carding Portals?  Transactional Site  Stolen Credit Card Data  Stolen Databases of Personal Information  Online Banking  Online Payment Systems  Online Credit Card Processors  Online Auction Fraud  Counterfeit Identity Documents  Recruitment  Finding Partners for Complex Fraud Schemes  Knowledge Sharing  Technical Vulnerabilities  Sensitive Info on How Financial System Works  How to Defeat Security and Anti- Fraud Measures  Criminal Infrastructure Provision  Hacking Services / Custom Malware Development  Phishing Services  Specialized Equipment (Card Writers, Embossers, Blank Credit Cards, Holograms, etc.)  Reshipping Services  Credit Reports and Personal Info Services

17 U.S. Department of Homeland Security United States Secret Service The St. Louis Metropolitan Area has started to see an increase in traveling groups committing fraud via skimmer and malware. Methods and vulnerabilities are often shared on the carding portals.

18 U.S. Department of Homeland Security United States Secret Service Sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments  BOTH  BOTH suppliers and their customers are victims of this scam  Targets CFO, CTO, or some high-ranking executive Compromise via social engineering or computer intrusion techniques Formerly known as the man-in-the-email scam, the BEC was renamed to focus on the business angle of this scam

19 U.S. Department of Homeland Security United States Secret Service Asian banks, located within China and Hong Kong, are the most commonly reported destination for these fraudulent transfers. The fraudsters will use the method most commonly associated with their victims’ normal business practices. (i.e. web-based email accounts, checks, wire transfers, company branding).

20 U.S. Department of Homeland Security United States Secret Service Version 1 Scenario One A business receiving a request for wire transfer  A request, on behalf of this business executive, is forwarded to a second employee for a wire transfer to a fraudster controlled bank account.  The second employee complies with the business executive’s request and sends the payment.  The fraudster spoofs or hacks a business executive’s email account and contacts the bank directly, asking for an “urgent wire transfer.”  The fraudster hacks or spoofs a business executive’s email account…usually the CFO, CTO, CO, etc. Version 1 Scenario One A business receiving a request for wire transfer  A request, on behalf of this business executive, is forwarded to a second employee for a wire transfer to a fraudster controlled bank account.  The second employee complies with the business executive’s request and sends the payment.  The fraudster spoofs or hacks a business executive’s email account and contacts the bank directly, asking for an “urgent wire transfer.”  The fraudster hacks or spoofs a business executive’s email account…usually the CFO, CTO, CO, etc.

21 U.S. Department of Homeland Security United States Secret Service Version 1 Scenario Two A business employee’s email An employee of business “A” has his/her email hacked, not spoofed. Requests for invoice payments are sent from this employee’s email to multiple customers identified from this employee’s contact list. These requests contain fraudster controlled accounts. Business “A” does not become aware of the multiple fraudulent requests until they are contacted by their customers. Version 1 Scenario Two A business employee’s email An employee of business “A” has his/her email hacked, not spoofed. Requests for invoice payments are sent from this employee’s email to multiple customers identified from this employee’s contact list. These requests contain fraudster controlled accounts. Business “A” does not become aware of the multiple fraudulent requests until they are contacted by their customers.

22 U.S. Department of Homeland Security United States Secret Service Characteristics of a Fraudulent Email Scam Email dates coincide with business travel dates for executives whose emails were spoofed  Fraudulent wire transfer requests are similar to normal business transaction amounts  Fraudsters use company branding, invoice formats, signatures of targeted supplier IP addresses frequently trace back to free domain registrars “code to admin expenses” or “urgent wire transfer”

23 U.S. Department of Homeland Security United States Secret Service Reducing the fraud has to be a collective effort between businesses (retail, corporate, and financial) and law enforcement. Success is obtained when there is communication.

24 U.S. Department of Homeland Security United States Secret Service The Task Force and Working Group approach enhances communications and builds relationships that enable those involved to solve problems and carry out specific missions.

25 U.S. Department of Homeland Security United States Secret Service National Computer Forensics Institute A collective effort between: * Department of Homeland Security * Secret Service * State of Alabama * Alabama District Attorneys Association * City of Hoover, Alabama **County of Shelby, Alabama

26 U.S. Department of Homeland Security United States Secret Service National Computer Forensics Institute NCFI training courses are offered to state and local law enforcement, prosecutors and judges through funding from the federal government. Travel, lodging, equipment (in some classes), and course fees are provided at no costs to attendees or their agencies. www.ncfi.usss.gov

27 U.S. Department of Homeland Security United States Secret Service The Gateway Electronic Crimes Task Force/Working Group is evolving to fit the current financial and electronic crime trends and climate. The Gateway Task Force will combine the communications and liaison efforts used through the Quarterly Meetings and advisements to address electronic crimes and financial crimes.

28 U.S. Department of Homeland Security United States Secret Service Doug Roberts Assistant Special Agent in Charge U.S. Secret Service St. Louis Field Office Office/Direct: 314/444-2815 Cell: 314/413-9076 douglas.roberts@usss.dhs.gov

Download ppt "U.S. Department of Homeland Security United States Secret Service MCPF PRESENTATION Evolving Financial CrimeTrends & The Gateway ECTF ASAIC Doug Roberts."

Similar presentations

Current Fraud Trends Kathy Druckenmiller, CFCI, CIRM, ACT Specialist April 29, 2014 4/29/2014.

Current Fraud Trends Kathy Druckenmiller, CFCI, CIRM, ACT Specialist April 29, /29/2014.
A Gift of Fire, 2edChapter 7: Computer Crime1 Computer Crime.

A Gift of Fire, 2edChapter 7: Computer Crime1 Computer Crime.
Fraud Trends and Organized White Collar Crime Presentation by Jeff Wahl, CFE.

Fraud Trends and Organized White Collar Crime Presentation by Jeff Wahl, CFE.
SEMINOLE COUNTY SHERIFF’S OFFICE

SEMINOLE COUNTY SHERIFF’S OFFICE
The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.

The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.
1. What is Identity Theft? 2. How Do Thieves Steal An Identity? 3. What Do Thieves Do with Stolen Identities? 4. What Can I Do To Avoid Becoming a Victim?

1. What is Identity Theft? 2. How Do Thieves Steal An Identity? 3. What Do Thieves Do with Stolen Identities? 4. What Can I Do To Avoid Becoming a Victim?
Deter, Detect, Defend: The FTC’s Program on Identity Theft.

Deter, Detect, Defend: The FTC’s Program on Identity Theft.
1 Identity Theft and Phishing: What You Need to Know.

1 Identity Theft and Phishing: What You Need to Know.
Computer Vulnerabilities & Criminal Activity Identity Theft & Credit Card Fraud 7.2 October 24, 2011.

Computer Vulnerabilities & Criminal Activity Identity Theft & Credit Card Fraud 7.2 October 24, 2011.
Warm Up: Identity Theft: Quick Write 1. What is Identity Theft? 2. What is Fraud?

Warm Up: Identity Theft: Quick Write 1. What is Identity Theft? 2. What is Fraud?
Time Share Fraud Investigations

Time Share Fraud Investigations
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
FORENSIC ACCOUNTING - BA124 - 2010Slide 12-1 Today’s Topics n Organizational Fraud n Consumer Fraud.

FORENSIC ACCOUNTING - BA Slide 12-1 Today’s Topics n Organizational Fraud n Consumer Fraud.
Holley Myers CSCI101 Lab Lecture Thursday 2:00 10/25/07.

Holley Myers CSCI101 Lab Lecture Thursday 2:00 10/25/07.
Australian High Tech Crime Centre What is cybercrime & trends Monday 5 November 2007.

Australian High Tech Crime Centre What is cybercrime & trends Monday 5 November 2007.
Payment Fraud Trends : What Can you do? Protect Yourself and Your Business from Financial Fraud.

Payment Fraud Trends : What Can you do? Protect Yourself and Your Business from Financial Fraud.
SMARTER. TOGETHER. Skimming Prevention: Overview of Best Practices August 5, 2014.

SMARTER. TOGETHER. Skimming Prevention: Overview of Best Practices August 5, 2014.
Identity-Theft is the fastest growing crime in America; 9.9 MILLION victims were reported last year, according to a Federal Trade Commission survey!

Identity-Theft is the fastest growing crime in America; 9.9 MILLION victims were reported last year, according to a Federal Trade Commission survey!
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
COMPUTER CRIME AND TYPES OF CRIME Prepared by: NURUL FATIHAH BT ANAS.

COMPUTER CRIME AND TYPES OF CRIME Prepared by: NURUL FATIHAH BT ANAS.

Similar presentations

Ads by Google