Presentation is loading. Please wait.

Presentation is loading. Please wait.

© Copyright 2015 EMC Corporation. All rights reserved. 1 RSA FRAUDACTION DANIEL COHEN * FRAUDACTION ANTI-FRAUD SERVICES.

Published byBeverley Murphy Modified over 8 years ago

Similar presentations

Presentation on theme: "© Copyright 2015 EMC Corporation. All rights reserved. 1 RSA FRAUDACTION DANIEL COHEN * FRAUDACTION ANTI-FRAUD SERVICES."— Presentation transcript:

1 © Copyright 2015 EMC Corporation. All rights reserved. 1 RSA FRAUDACTION DANIEL COHEN * FRAUDACTION ANTI-FRAUD SERVICES

2 © Copyright 2015 EMC Corporation. All rights reserved. FRAUDACTION: EVOLUTION 2004 200620072008 2011 2012 201320142015 Anti-Phishing Service Established the AFCC and launched the industry’s first Anti-Phishing solution. Anti-Phishing Service Established the AFCC and launched the industry’s first Anti-Phishing solution. FraudAction Intelligence Intelligence operations launched in the deep web to monitor and report on cybercrime activities. FraudAction Intelligence Intelligence operations launched in the deep web to monitor and report on cybercrime activities. Cybercrime Intelligence Leveraging our expertise in malware and intelligence, CCI provides Threat Intelligence to help protect enterprises. Cybercrime Intelligence Leveraging our expertise in malware and intelligence, CCI provides Threat Intelligence to help protect enterprises. Anti-Trojan Service With the growing malware threat, RSA establishes the FraudAction Malware Research Lab and launches the Anti-Trojan Service Anti-Trojan Service With the growing malware threat, RSA establishes the FraudAction Malware Research Lab and launches the Anti-Trojan Service Anti-Rogue App Service Launched to mitigate the growing threat of rogue mobile apps. Anti-Rogue App Service Launched to mitigate the growing threat of rogue mobile apps. FraudAction 360 A single, holistic external threat management service. FraudAction 360 A single, holistic external threat management service. Advanced Fraud Intelligence Actionable and insightful Fraud Intelligence to help protect your customers. Advanced Fraud Intelligence Actionable and insightful Fraud Intelligence to help protect your customers. 2 © Copyright 2015 EMC Corporation. All rights reserved.

3 3 Over 120 analysts and malware researchers globally Multi-lingual cybercrime intelligence operation 100s millions of URLs scanned and qualified per day Over 400,000 malware samples analyzed per week Take-down between 30K-60K attacks per month 100s millions of compromised credentials recovered to date FRAUDACTION: OPERATION

4 © Copyright 2015 EMC Corporation. All rights reserved. mouseOverIntel VB place holder *do not delete* mouseOutIntel VB place holder *do not delete* mouseOver360 VB place holder *do not delete* mouseOut360 VB place holder *do not delete* FRAUDACTION: SERVICES

5 © Copyright 2015 EMC Corporation. All rights reserved. 5 FRAUDACTION 360 A HOLISTIC EXTERNAL THREAT MANAGEMENT SERVICE

6 © Copyright 2015 EMC Corporation. All rights reserved. time ► Click a box above for more info… FRAUDACTION 360: TAKING ACTION! Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Deliverables Service deliverables include reports, data feeds, and recovered compromised data. Deliverables Service deliverables include reports, data feeds, and recovered compromised data. ◄ Back to FA Services

7 © Copyright 2015 EMC Corporation. All rights reserved. Global detection network comprising mail hosts, spam filters, social networks, honeypots and more Proprietary technology to identify rogue mobile apps Machine-driven static and dynamic analysis, and human qualification 100s millions of URLs scanned per day; 10s thousands of malware samples analyzed per day FRAUDACTION 360: TAKING ACTION! time ► ◄ Back to FA Services Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Deliverables Service deliverables include reports, data feeds, and recovered compromised data. Deliverables Service deliverables include reports, data feeds, and recovered compromised data.

8 © Copyright 2015 EMC Corporation. All rights reserved. Attacks are sent to our global network immediately upon detection Our blocking network includes Microsoft, Google and other major Internet entities Blocking takes place on browsers (including mobile), spam filters, network gateways and more FRAUDACTION 360: TAKING ACTION! time ► ◄ Back to FA Services View Sample Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Deliverables Service deliverables include reports, data feeds, and recovered compromised data. Deliverables Service deliverables include reports, data feeds, and recovered compromised data.

9 © Copyright 2015 EMC Corporation. All rights reserved. Upon detection, attack notifications are sent to a pre-defined contact list The attack evidence is then documented including screen captures and basic forensic information All information and attack status is updated in real-time on our online dashboard API access is also available FRAUDACTION 360: TAKING ACTION! time ► ◄ Back to FA Services View Dashboard Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Deliverables Service deliverables include reports, data feeds, and recovered compromised data. Deliverables Service deliverables include reports, data feeds, and recovered compromised data.

10 © Copyright 2015 EMC Corporation. All rights reserved. Once the immediate actions have been taken, our analysts work to gain deeper forensic visibility Forensic work includes: phishing kit analysis, malware analysis, app analysis Forensic data such as malware configuration files and compromised credentials are updated on the dashboard FRAUDACTION 360: TAKING ACTION! time ► ◄ Back to FA Services Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Deliverables Service deliverables include reports, data feeds, and recovered compromised data. Deliverables Service deliverables include reports, data feeds, and recovered compromised data.

11 © Copyright 2015 EMC Corporation. All rights reserved. The AFCC maintains relationships with over 17,000 Internet entities around the world including CERT’s, ISPs, Web hosts and others Our shutdown times are amongst the fastest in the industry After shutdown, attack activity is monitored and you will be alerted if the attack re-launches FRAUDACTION 360: TAKING ACTION! time ► ◄ Back to FA Services Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Deliverables Service deliverables include reports, data feeds, and recovered compromised data. Deliverables Service deliverables include reports, data feeds, and recovered compromised data.

12 © Copyright 2015 EMC Corporation. All rights reserved. Reports, including: ThreatReports, Trojan analysis and periodical newsletters Data feeds, including: Bad IPs, mule accounts, item drops, credit cards, recovered credentials and more FRAUDACTION 360: TAKING ACTION! time ► ◄ Back to FA Services Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Deliverables Service deliverables include reports, data feeds, and recovered compromised data. Deliverables Service deliverables include reports, data feeds, and recovered compromised data.

13 © Copyright 2015 EMC Corporation. All rights reserved. mouseOverFraud VB place holder *do not delete* mouseOutFraud VB place holder *do not delete* mouseOverThreat VB place holder *do not delete* mouseOutThreat VB place holder *do not delete* CYBER INTELLIGENCE INSIGHTFUL AND ACTIONABLE VISIBILITY INTO THE THREAT LANDSCAPE …protecting your customers Advanced Fraud Intelligence …protecting your organization Cybercrime Threat Intelligence ◄ Back to FA Services

14 © Copyright 2015 EMC Corporation. All rights reserved. “Bad” IPs Compromised Payment Cards Compromised Emails (consumer) Compromised Bank Accounts Payment Card “Previews” Mules and Drops Attribution TTPs ADVANCED FRAUD INTELLIGENCE: PHILOSOPHY * “Pyramid of Pain” concept originally by David BiancoDavid Bianco THE FRAUD “PYRAMID OF PAIN” * ◄ Skip to Service Components

15 © Copyright 2015 EMC Corporation. All rights reserved. THREATTRACKER: OVERVIEW phishing malware HUMINT OSINT HUMINT OSINT Consolidate Correlate Contextualize Threat Clusters Threat Vectors Threat Actors ThreatTracker ◄ Skip to Service Components

16 © Copyright 2015 EMC Corporation. All rights reserved. THREATTRACKER: CLUSTERS Threat Clusters link attacks together to provide a clearer view of the threat Threat Clusters can help prioritize and focus mitigation efforts How do we cluster? ◄ Skip to Service Components

17 © Copyright 2015 EMC Corporation. All rights reserved. THREATTRACKER: VECTORS Threat Vectors analyze data elements harvested from attacks to predict fraud methods Threat Vectors can help identify weak channels and focus mitigation How are vectors analyzed? ◄ Skip to Service Components

18 © Copyright 2015 EMC Corporation. All rights reserved. THREATTRACKER: ACTORS Threat Actors provides information on the individual(s) behind the attacks Threat Actors is based on in-depth analysis of attacks as well as active HUMINT operations ◄ Skip to Service Components

19 © Copyright 2015 EMC Corporation. All rights reserved. THREATTRACKER: SUMMARY A powerful tool that can allow your organization, at a glance, to better understand the threats it faces, assess them, and plan mitigation accordingly. Click to view a sample ◄ Skip to Service Components

20 © Copyright 2015 EMC Corporation. All rights reserved. ADVANCED FRAUD INTELLIGENCE: COMPONENTS ◄ Back to Intelligence Services Click a box above for more info… TARGETEDGENERAL IntelligenceData FeedsResearchThreatTrackerThreatReportsData Feeds

21 © Copyright 2015 EMC Corporation. All rights reserved. ADVANCED FRAUD INTELLIGENCE: COMPONENTS ◄ Back to Intelligence Services Reports on intelligence findings that relate specifically to your brand. Alerts are sent out immediately and provide as much actionable intelligence as possible. Sources include closed-source underground venues, OSINT and HUMINT. TARGETEDGENERAL IntelligenceData FeedsResearchThreatTrackerThreatReportsData Feeds View the Underground

22 © Copyright 2015 EMC Corporation. All rights reserved. ADVANCED FRAUD INTELLIGENCE: COMPONENTS ◄ Back to Intelligence Services Machine-readable feeds that provide intelligence that is associated with your organization. Feeds include “CC Previews”, compromised accounts, mule accounts and more. TARGETEDGENERAL IntelligenceData FeedsResearchThreatTrackerThreatReportsData Feeds

23 © Copyright 2015 EMC Corporation. All rights reserved. ADVANCED FRAUD INTELLIGENCE: COMPONENTS ◄ Back to Intelligence Services With the continued strain placed on security teams, the ability to carry out research requests and investigations is limited. Targeted Research provides you with the ability to request research and investigations into different indicators - on demand. It also provides you with an actionable conduit into the underground. TARGETEDGENERAL IntelligenceData FeedsResearchThreatTrackerThreatReportsData Feeds

24 © Copyright 2015 EMC Corporation. All rights reserved. ADVANCED FRAUD INTELLIGENCE: COMPONENTS ◄ Back to Intelligence Services Provides information on Threat Clusters, Threat Vectors, and Threat Actors. Based on correlated data from phishing attacks, malware attacks and underground intelligence. Can help assess risk and identify methods used by fraudsters to defraud your customers. TARGETEDGENERAL IntelligenceData FeedsResearchThreatTrackerThreatReportsData Feeds ThreatTracker Sample

25 © Copyright 2015 EMC Corporation. All rights reserved. ADVANCED FRAUD INTELLIGENCE: COMPONENTS ◄ Back to Intelligence Services Include information about general emerging threats, or interesting trends. May be actionable at times. Reports may include methods discussed by fraudsters, malware operations and more. TARGETEDGENERAL IntelligenceData FeedsResearchThreatTrackerThreatReportsData Feeds

26 © Copyright 2015 EMC Corporation. All rights reserved. ADVANCED FRAUD INTELLIGENCE: COMPONENTS ◄ Back to Intelligence Services Machine-readable feeds that provide intelligence that is either associated with your organization or is general by nature. Feeds include: Bad IPs, mule accounts, item drops, credit cards and more TARGETEDGENERAL IntelligenceData FeedsResearchThreatTrackerThreatReportsData Feeds

27 © Copyright 2015 EMC Corporation. All rights reserved. CYBERCRIME INTELLIGENCE: COMPONENTS ◄ Back to Intelligence Services Click a box above for more info… Threat Intelligence Blacklists

28 © Copyright 2015 EMC Corporation. All rights reserved. CYBERCRIME INTELLIGENCE: COMPONENTS ◄ Back to Intelligence Services Identify corporate resources that have been compromised or are at risk of compromise. Our data sources include: malware operations, OSINT (including social media), closed-source underground venues, “paste sites” and more. Findings include: corporate credentials, infected corporate machines, abused corporate machines, compromised corporate email accounts and others. Threat Intelligence Blacklists See Examples

29 © Copyright 2015 EMC Corporation. All rights reserved. CYBERCRIME INTELLIGENCE: COMPONENTS ◄ Back to Intelligence Services Blacklists further help identify infected machines within the organization. They can also be used to prevent communication from/to malicious points. Blacklists are machine consumable data feeds and include: malicious hosts, potential malicious hosts and malware communication patterns. Threat Intelligence Blacklists

30 © Copyright 2015 EMC Corporation. All rights reserved. QUESTIONS? ◄ Back to FA Services

31 EMC, RSA, the EMC logo and the RSA logo are trademarks of EMC Corporation in the U.S. and other countries.

32 © Copyright 2015 EMC Corporation. All rights reserved. Attacks are sent to our global network immediately upon detection Our blocking network includes Microsoft, Google and other major Internet entities Blocking takes place on browsers (including mobile), spam filters, network gateways and more FRAUDACTION 360: TAKING ACTION! time ► Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Deliverables Service deliverables include reports, data feeds, and recovered compromised data. Deliverables Service deliverables include reports, data feeds, and recovered compromised data.

33 © Copyright 2015 EMC Corporation. All rights reserved. Attacks are sent to our global network immediately upon detection Our blocking network includes Microsoft, Google and other major Internet entities Blocking takes place on browsers (including mobile), spam filters, network gateways and more FRAUDACTION 360: TAKING ACTION! time ► Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Deliverables Service deliverables include reports, data feeds, and recovered compromised data. Deliverables Service deliverables include reports, data feeds, and recovered compromised data.

34 © Copyright 2015 EMC Corporation. All rights reserved. Upon detection, attack notifications are sent to a pre-defined contact list The attack evidence is then documented including screen captures and basic forensic information All information and attack status is updated in real-time on our online dashboard API access is also available FRAUDACTION 360: TAKING ACTION! time ► Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Deliverables Service deliverables include reports, data feeds, and recovered compromised data. Deliverables Service deliverables include reports, data feeds, and recovered compromised data.

35 © Copyright 2015 EMC Corporation. All rights reserved. Upon detection, attack notifications are sent to a pre-defined contact list The attack evidence is then documented including screen captures and basic forensic information All information and attack status is updated in real-time on our online dashboard API access is also available FRAUDACTION 360: TAKING ACTION! time ► Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Deliverables Service deliverables include reports, data feeds, and recovered compromised data. Deliverables Service deliverables include reports, data feeds, and recovered compromised data.

36 © Copyright 2015 EMC Corporation. All rights reserved. Upon detection, attack notifications are sent to a pre-defined contact list The attack evidence is then documented including screen captures and basic forensic information All information and attack status is updated in real-time on our online dashboard API access is also available FRAUDACTION 360: TAKING ACTION! time ► Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Detection & Qualification Proactive detection of phishing, malware and rogue app incidents, leveraging numerous detection sources. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Blocking Our global blocking network prevents further vend-users from falling victim by preventing access to malicious content. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Documenting & Reporting Access to attack information and status is provided by our online dashboard or via API access. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Forensics & Analysis In depth analysis of phishing kits, malware samples and mobile apps. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Shutdown Our strong ties in the industry, cultivated by over a decade of operations, enable us to shutdown attacks quickly. Deliverables Service deliverables include reports, data feeds, and recovered compromised data. Deliverables Service deliverables include reports, data feeds, and recovered compromised data.

37 © Copyright 2015 EMC Corporation. All rights reserved. Reports on intelligence findings that relate specifically to your brand. Alerts are sent out immediately and provide as much actionable intelligence as possible. Sources include closed-source underground venues, OSINT and HUMINT. TARGETEDGENERAL IntelligenceData FeedsResearchThreatTrackerThreatReportsData Feeds ADVANCED FRAUD INTELLIGENCE: COMPONENTS

38 © Copyright 2015 EMC Corporation. All rights reserved. Reports on intelligence findings that relate specifically to your brand. Alerts are sent out immediately and provide as much actionable intelligence as possible. Sources include closed-source underground venues, OSINT and HUMINT. TARGETEDGENERAL IntelligenceData FeedsResearchThreatTrackerThreatReportsData Feeds ADVANCED FRAUD INTELLIGENCE: COMPONENTS

39 © Copyright 2015 EMC Corporation. All rights reserved. Reports on intelligence findings that relate specifically to your brand. Alerts are sent out immediately and provide as much actionable intelligence as possible. Sources include closed-source underground venues, OSINT and HUMINT. TARGETEDGENERAL IntelligenceData FeedsResearchThreatTrackerThreatReportsData Feeds ADVANCED FRAUD INTELLIGENCE: COMPONENTS

40 © Copyright 2015 EMC Corporation. All rights reserved. Reports on intelligence findings that relate specifically to your brand. Alerts are sent out immediately and provide as much actionable intelligence as possible. Sources include closed-source underground venues, OSINT and HUMINT. TARGETEDGENERAL IntelligenceData FeedsResearchThreatTrackerThreatReportsData Feeds ADVANCED FRAUD INTELLIGENCE: COMPONENTS

41 © Copyright 2015 EMC Corporation. All rights reserved. THREATTRACKER: CLUSTERS Threat Clusters link attacks together to provide a clearer view of the threat Threat Clusters can help prioritize and focus mitigation efforts

42 © Copyright 2015 EMC Corporation. All rights reserved. THREATTRACKER: CLUSTERS Threat Clusters link attacks together to provide a clearer view of the threat Threat Clusters can help prioritize and focus mitigation efforts

43 © Copyright 2015 EMC Corporation. All rights reserved. THREATTRACKER: VECTORS Threat Vectors analyze data elements harvested from attacks to predict fraud methods Threat Vectors can help identify weak channels and focus mitigation

44 © Copyright 2015 EMC Corporation. All rights reserved. CYBERCRIME INTELLIGENCE: COMPONENTS Identify corporate resources that have been compromised or are at risk of compromise. Our data sources include: OSINT (including social media), closed-source underground venues, malware operations, “paste sites” and more. Findings include: corporate credentials, infected corporate machines, abused corporate machines, compromised corporate email accounts and others. Threat Intelligence Blacklists

Download ppt "© Copyright 2015 EMC Corporation. All rights reserved. 1 RSA FRAUDACTION DANIEL COHEN * FRAUDACTION ANTI-FRAUD SERVICES."

Similar presentations

1© Copyright 2011 EMC Corporation. All rights reserved. The Future of the Advance Soc 3rd Annual Privacy, Access and Security Congress, Ottawa, 2012 Mike.

1© Copyright 2011 EMC Corporation. All rights reserved. The Future of the Advance Soc 3rd Annual Privacy, Access and Security Congress, Ottawa, 2012 Mike.
HQ in Israel Threat research, security operations center 24/7. In-depth understanding and insight into how cyber crime works. Over 10 million online identities.

HQ in Israel Threat research, security operations center 24/7. In-depth understanding and insight into how cyber crime works. Over 10 million online identities.
George Tubin Senior Analyst Consumer Banking © 2005 The Tower Group, Inc. May not be reproduced by any means without express permission. All rights reserved.

George Tubin Senior Analyst Consumer Banking © 2005 The Tower Group, Inc. May not be reproduced by any means without express permission. All rights reserved.
1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.
Supplied on \web site. on January 10 th, 2008 Customer Security Management Reducing Internet fraud June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited.

Supplied on \web site. on January 10 th, 2008 Customer Security Management Reducing Internet fraud June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited.
1© Copyright 2014 EMC Corporation. All rights reserved. Securing the Cloud Gintaras Pelenis Field Technologist RSA, the Security Division of EMC

1© Copyright 2014 EMC Corporation. All rights reserved. Securing the Cloud Gintaras Pelenis Field Technologist RSA, the Security Division of EMC
Security for Today’s Threat Landscape Kat Pelak 1.

Security for Today’s Threat Landscape Kat Pelak 1.
©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.

©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.
Travel and Expense Management Scenario Overview

Travel and Expense Management Scenario Overview
Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.
(Geneva, Switzerland, September 2014)

(Geneva, Switzerland, September 2014)
© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.

© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.
IBM Security Network Protection (XGS)

IBM Security Network Protection (XGS)
Protecting Against Online Fraud F5 SIT Forum

Protecting Against Online Fraud F5 SIT Forum
Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.

Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Partnering For Profitability Growing your business with Microsoft Forefront Security Solutions Mark Hassall Director Security & Access BG Microsoft Corporation.

Partnering For Profitability Growing your business with Microsoft Forefront Security Solutions Mark Hassall Director Security & Access BG Microsoft Corporation.
Commercial eSecurity Training and Awareness. Common Online Threats Most electronic fraud falls into one of three categories:  PHISHING – Fraudulent emails.

Commercial eSecurity Training and Awareness. Common Online Threats Most electronic fraud falls into one of three categories:  PHISHING – Fraudulent s.
Steering Committee CSRIC Working Group 2A Cyber Security Best Practices October 7, 2010.

Steering Committee CSRIC Working Group 2A Cyber Security Best Practices October 7, 2010.
Confidential On-line Banking Risks & Countermeasures By Vishal Salvi – CISO HDFC Bank IBA Banking Security Summit 2009.

Confidential On-line Banking Risks & Countermeasures By Vishal Salvi – CISO HDFC Bank IBA Banking Security Summit 2009.

Similar presentations

Ads by Google