Presentation is loading. Please wait.

Presentation is loading. Please wait.

CUTTING OFF THE HYDRA HEADS OF ACH WIRE FRAUD Presented by: Eigen Heald, MsIA, CISA, CISSP, CGEIT, CEH, GCFA.

Published byMillicent Franklin Modified over 9 years ago

Similar presentations

Presentation on theme: "CUTTING OFF THE HYDRA HEADS OF ACH WIRE FRAUD Presented by: Eigen Heald, MsIA, CISA, CISSP, CGEIT, CEH, GCFA."— Presentation transcript:

1 CUTTING OFF THE HYDRA HEADS OF ACH WIRE FRAUD Presented by: Eigen Heald, MsIA, CISA, CISSP, CGEIT, CEH, GCFA

2 Agenda Introductions Definitions Current Statistics Causes Risks A Case Study Wire Fraud Explained Nine Solutions Questions and Answers

3 Introductions

4 Eigen Heald, MsIA IT security professional and Consulting Manager at Berry, Dunn, McNeil & Parker Industry certifications include: Certified Information Systems Auditor Certified Information Systems Security Professional Certified Ethical Hacker Certified in the Governance of Enterprise IT GIAC Certified Forensic Analyst

5 The Issue: According to the FBI, in 2008-2009 there has been a "significant increase" in fraud involving the exploitation of valid online banking credentials belonging to:  Colleges and universities  Non-profit organizations  Municipal government  Small and medium businesses

6 Key terms we will discuss during this presentation Definitions

7 Automated Clearing House (ACH)  Electronic network for financial transactions  Processes direct deposit payroll, vendor payments, consumer payments, transfers to/from financial institutions, etc. Electronic Fund Transfers  Used to transfer funds to another bank account (usually set up by a “money mule”) where it is drawn out or sent overseas

8 Definitions “Trojan Horse” Software  Software code that facilitates unauthorized access to the user's computer system  Can “call home” to request code that specifically targets the user, then installs the code in the background “Money Mule”  Individuals (often hired by the criminals) set up bank accounts, withdraw the fraudulent transfers, and wire the money out of the country  Most frequently the money is wired to countries in Eastern Europe

9 Definitions “Malware”  Computer software that interferes with normal computer functions or sends personal data about the user to unauthorized parties over the Internet “Spear Phishing”  Targeted emails directed to employees most likely to have access to bank account information (e.g., CFO, CEO, COO, Senior Auditor)

10 How ACH wire fraud affects different groups Current Statistics

11 2008 Statistics  According to the Financial Crimes Enforcement Network (a Treasury Department division):  Reliable figures about losses from online banking fraud are difficult to come by and many incidents go unreported 58% increase in ACH wire fraud in 2008

12 2009 Statistics  As of November 2009, losses of $40 million attributed to ACH wire fraud  Over $85 million in attempts

13 Sample Statistics: Education  MARIAN COLLEGE August 5, 2009 $189,000 (Regained: $0) MARIAN COLLEGE  SAND SPRINGS SCHOOLS August 12, 2009 $150,000 (Regained: $70,000) SAND SPRINGS SCHOOLS  SANFORD SCHOOL DISTRICT August 19, 2009 $117,000 (Regained: $99,000) SANFORD SCHOOL DISTRICT  SYCAMORE COUNTY SCHOOLS July 9, 2009 $300,000 (Regained: $0) SYCAMORE COUNTY SCHOOLS

14 Sample Statistics: Non-Profits  EVERGREEN CHILDREN'S ASSN September 9, 2009 $30,000 (Regained: $30,000) EVERGREEN CHILDREN'S ASSN  STEUBEN ARC September 22, 2009 $200,000 (Regained: $42,000) STEUBEN ARC  UNITED METHODIST CHURCH September 30, 2009 $33,300 (Regained: $0) UNITED METHODIST CHURCH  ST. ISIDORE'S CATHOLIC CHURCH September 30, 2009 $87,000 (Regained: $0) ST. ISIDORE'S CATHOLIC CHURCH

15 Common causes of ACH wire fraud Causes

16  Small and medium-sized colleges and universities have fewer IT resources  Tendency to believe that because of size, the educational institution won’t be vulnerable  “Open campus” model  Tendency to “set it and forget it”  Fewer personnel to monitor daily banking activity

17 Risks associated with ACH wire fraud Risks

18  Loss of reputation  Regulatory penalties  Financial loss due to bank controls for commercial accounts

19 Commercial Accounts, Less Protection  Consumers typically have up to 60 days from the receipt of a monthly statement to dispute any unauthorized charges  Commercial banking customers have roughly two business days to spot and dispute unauthorized activity if they want to hold out any hope of recovering unauthorized transfers from their accounts  Thieves tend to wire out multiple transactions below $10,000 to avoid scrutiny

20 A Case Study

21 Wire fraud explained How does it happen?

22 A Common Attack  Targeted emails (“spear phishing”) can install custom code via PDF or other documents  “Drive-by” installation from web pages (e.g., Internet-based custom code written by cybercriminals from various parts of the world)  Custom code specifically looks for banking information inside the web browser  Code captures user ID, password, even bank “pictures” used for two-factor authentication

23 “Drive By” Code Installation  Malicious code is no longer limited to porn and other sleazy websites  Hackers are targeting more commonly used higher education, healthcare, blogging, and small eCommerce websites  Last August (2009), over 60,000 websites were infected by one exploit

24 Minimizing your risk of ACH wire fraud Nine Solutions

25 1. Stop conducting ACH wire transfers over the Internet  Does not eliminate Internet banking risk 2. Stop conducting Internet banking  Not always feasible 3. Develop specific control procedures with the bank  Bank will not always agree (but many will)

26 Nine Solutions 4. Increase IT staffing so more security activity can be implemented and maintained  Activity may still be missed 5. Run the best anti-virus software and update daily  May not catch latest malware 6. Monitor outbound connections  Will catch connections to unusual locations, but won’t catch malware if it is routed within normal IP addressing range

27 Nine Solutions 7. Acquire two-factor authentication from the bank  Requires a token 8. Utilize a separate PC to conduct online banking and nothing else  Recommended by the ABA and FBI  Requires a separate PC

28 Nine Solutions 9. Utilize a virtual machine desktop that will load a virtual operating system inside a single PC  Virtual operating system can be turned on for Internet banking and then closed  Requires a more powerful single PC

29 Questions? Eigen Heald, Consulting Manager Berry, Dunn, McNeil & Parker Phone: (207) 541-2311 eheald@bdmp.com

Download ppt "CUTTING OFF THE HYDRA HEADS OF ACH WIRE FRAUD Presented by: Eigen Heald, MsIA, CISA, CISSP, CGEIT, CEH, GCFA."

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Complying With Payment Card Industry Data Security Standards (PCI DSS)

Complying With Payment Card Industry Data Security Standards (PCI DSS)
ELOC Bank Table Top Exercise Executive Leadership of Cybersecurity Austin, TX December 3, 2014 1.

ELOC Bank Table Top Exercise Executive Leadership of Cybersecurity Austin, TX December 3,
Parameter Tampering. Attacking the Ecommerce Shopping Cart In the above image we see that a user who wants to purchase a Television visits an online Store.

Parameter Tampering. Attacking the Ecommerce Shopping Cart In the above image we see that a user who wants to purchase a Television visits an online Store.
The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.

The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.
7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
Breaking Trust On The Internet

Breaking Trust On The Internet
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Corporate Account Takeover & Information Security Awareness PRESENTATION FOR BANK CUSTOMERS.

Corporate Account Takeover & Information Security Awareness PRESENTATION FOR BANK CUSTOMERS.
E-banking.

E-banking.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
Why Comply with PCI Security Standards?

Why Comply with PCI Security Standards?
Digital Self Defense How well do YOU know Information Security? How well do YOU know Information Security?

Digital Self Defense How well do YOU know Information Security? How well do YOU know Information Security?
Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer

Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer
Traditional and Electronic Payment Methods Chapter 3.

Traditional and Electronic Payment Methods Chapter 3.
Online and Mobile Banking. Online banking Online Banking  Online banking is a fairly established practice in our internet-saturated world.  Many people.

Online and Mobile Banking. Online banking Online Banking  Online banking is a fairly established practice in our internet-saturated world.  Many people.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
COMPUTER CRIME AND TYPES OF CRIME Prepared by: NURUL FATIHAH BT ANAS.

COMPUTER CRIME AND TYPES OF CRIME Prepared by: NURUL FATIHAH BT ANAS.
TRACs Security Awareness FY2009 Office of Information Technology Security 1.

TRACs Security Awareness FY2009 Office of Information Technology Security 1.

Similar presentations

Ads by Google