Presentation is loading. Please wait.

Presentation is loading. Please wait.

Proprietary and Confidential Don’t be the Next Cyber Crime Statistic C. Kevin deBrucky, Vice President PINACLE ® Security Manager.

Published byBrenda O’Connor’ Modified over 8 years ago

Similar presentations

Presentation on theme: "Proprietary and Confidential Don’t be the Next Cyber Crime Statistic C. Kevin deBrucky, Vice President PINACLE ® Security Manager."— Presentation transcript:

1 Proprietary and Confidential Don’t be the Next Cyber Crime Statistic C. Kevin deBrucky, Vice President PINACLE ® Security Manager

2 Proprietary and Confidential Introduction “Hacking” vs. compromise of individuals Targeting system weaknesses vs. targeting weaknesses in controls and individual awareness Discussion Topics: Financial Malware eMail Compromise 2 Use elements of: Social engineering Phishing Malware

3 Proprietary and Confidential Cybercrime: The numbers Phishing attacks on the US:30.8% of all attacks Phishing attacks on financial sites:31.45% of all attacks – Banking sites:51.95% – Online stores:24.66% – Payment systems:23.39% Malware used for financial attacks:93.8% of all malware used US financial malware attacks:1,529,000+ Non-US financial malware attacks:19,786,000+ 6

4 Proprietary and Confidential Financial Malware Significant new threat emerged in late 2014 Distributed broadly through phishing campaigns “Generic” email subjects entice recipient to open the attachment Recent strains able to leverage Outlook for further propagation Once attachment is opened, malware installs itself Malware activates when user navigates to a targeted online banking URL User session is redirected to a bogus site, used to harvest user credentials 4

5 Proprietary and Confidential Financial Malware – Example Fraudulent Page Legitimate Page 4

6 Proprietary and Confidential Financial Malware The malware reports the user’s credentials to the fraudster’s “Command and Control Center” The fraudster then uses the credentials to log in to the site from a “clean” PC The Command/Control Center is also used to push various “stall screens” and additional authentication prompts to the user, as needed by the fraudster Finally, the fraudulent site will request access from a second operator in order to gain a second set of credentials The malware may also prompt users to enter their name/telephone number – which the fraudsters then use to contact the user directly 6 Red Flag

7 Proprietary and Confidential Financial Malware – Example Fraudulent Page 7

8 Proprietary and Confidential Financial Malware – Example Fraudulent Pages 8

9 Proprietary and Confidential Financial Malware – Example Fraudulent Page 9

10 Proprietary and Confidential BEC: The numbers Total U.S. victims:1198 Total U.S. dollar loss:$179,755,367 Total non-U.S. victims:928 Total non-U.S. dollar loss:$35,217,136 Combined victims:2126 Combined dollar loss:$214,972,503 10

11 Proprietary and Confidential Different types of BEC Invoice Modification – Business has long standing relationship with supplier – Request is made to have funds to an alternate fraudulent account – Email is spoofed to look very similar to legitimate account Business Executive Scam – High level business executive’s email account is compromised – A request is made from compromised account to employee responsible for handling payments to divert funds to fraudsters account Employee Email Compromise – Fraudster uses employee email to request payment to their accounts 11

12 Proprietary and Confidential eMail Compromise Hacked or spoofed (fictitious) email accounts are used to communicate requests to initiate payments or change existing payment instructions Requests appear to come from an executive (CEO, CFO, etc.) or a known trading partner (vendor) of the targeted company Often the executive’s or supplier’s legitimate email account is compromised The fraudsters can glean facts and valid information from other emails in the compromised mailbox making the fraudulent payment request seem authentic 12

13 Proprietary and Confidential eMail Compromise Warning signs of an email compromise: Request from a supplier to change payment instructions for an upcoming payment Request from a company executive to initiate a critical payment The request creates a sense of urgency to prompt immediate action Often the request insists on secrecy or confidentiality and suggests bypassing established procedures Requestor insists on communication via email Requestor wants immediate confirmation when payment is executed 13 Red Flag

14 Proprietary and Confidential BEC challenges Customer authenticates with known trusted device Customer actually authorizes and releases wire transfer Recovering funds from overseas accounts Enlisting law enforcement support in a timely manner 14

15 Proprietary and Confidential eMail Compromise – Example 15

16 Proprietary and Confidential eMail Compromise – Example 16 From: John Smith [mailto: john.smith@kstoolvvorks.com] john.smith@kstoolvvorks.com Sent: Wednesday, May 6, 2015 To: Susan Hoyle Subject: Payment Needed Today! Are you available to make a payment for me today? John M. Smith, President and CEO T: 555-555-1111 e: john.smith@kstoolworks.com Yes, I am in the office all day. Send me the payment details. From: Susan Hoyle [mailto: susan.hoyle@kstoolworks.com] susan.hoyle@kstoolworks.com Sent: Wednesday, May 6, 2015 To: John Smith Subject: RE: Payment Needed Today! Susan Hoyle Controller/CFO T: 555-555-2222 e: susan.hoyle@kstoolworks.com Attached are the payment instructions. Code to Admin Expenses. I am not reachable by cell today, so use email. Please let me know as soon as the payment is sent as this must be done today. From: John Smith [mailto: j ohn.smith@kstoolvvorks.com] ohn.smith@kstoolvvorks.com Sent: Wednesday, May 6, 2015 To: Susan Hoyle Subject: RE: Payment Needed Today! John M. Smith, President and CEO T: 555-555-1111 e: john.smith@kstoolworks.com

17 Proprietary and Confidential Best Practices Validate User Entitlements Payment Initiation vs. Approval segregation Dollar limits and transaction types Bank Application Security Controls Review and enroll in optional bank security controls when applicable Monitor Account Activity daily Use different computers or mobile devices for payment initiation and approval processes 17

18 Proprietary and Confidential Best Practices Use out-of-band verification to confirm email payment requests or requests to change payment instructions with the requestor: Use direct contact with a known individual and known telephone number; do not use email to verify the request Implement secondary approval (internally) for all changes to vendor payment instructions Employ strict vendor management procedures Develop clear internal policies and procedures for payment initiation requests Obtain buy-in from senior managers 18

19 Proprietary and Confidential Best Practices Do not open attachments or click on links in emails from unknown senders Be suspicious of emails with generic subject titles, such as ”Your Documents” or “Invoice” Consider using dedicated computers for sensitive web access (no email access and restricted website access) Be very cautious about sharing information on social networking sites 19

20 Proprietary and Confidential Questions? PNC Financial Services Group 20 Contact Information: C. Kevin deBrucky, SVP PINACLE ® Product Manager PNC Treasury Management eMail: Charles.Debrucky@pnc.com

Download ppt "Proprietary and Confidential Don’t be the Next Cyber Crime Statistic C. Kevin deBrucky, Vice President PINACLE ® Security Manager."

Similar presentations

MFA for Business Banking – Security Code Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing these QT sheets.

MFA for Business Banking – Security Code Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing these QT sheets.
ANNUAL SECURITY AWARENESS TRAINING – 2011 UMW Information Technology Security Program Annual Security Awareness Training for UMW Faculty and Staff.

ANNUAL SECURITY AWARENESS TRAINING – 2011 UMW Information Technology Security Program Annual Security Awareness Training for UMW Faculty and Staff.
What is Bad ? Spam, Phishing, Scam, Hoax and Malware distributed via

What is Bad ? Spam, Phishing, Scam, Hoax and Malware distributed via
The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.

The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.
Bsharah Presentation Threats to Information Security Protecting Your Personal Information from Phishing Scams.

Bsharah Presentation Threats to Information Security Protecting Your Personal Information from Phishing Scams.
Protect Yourself from Your Customer Kristin A. Stedman, AAP Senior Vice President Education Services 1 © 2014 TACHA. All Rights Reserved.

Protect Yourself from Your Customer Kristin A. Stedman, AAP Senior Vice President Education Services 1 © 2014 TACHA. All Rights Reserved.
Social Engineering J Nivethan. Social Engineering The process of deceiving people into giving away access or confidential information Onlinne Phone Offline.

Social Engineering J Nivethan. Social Engineering The process of deceiving people into giving away access or confidential information Onlinne Phone Offline.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.
Quiz Review.

Quiz Review.
Internet Banking Standard and Standard-Hybrid Registration Intuit Financial Services University Internet Banking Certification Training.

Internet Banking Standard and Standard-Hybrid Registration Intuit Financial Services University Internet Banking Certification Training.
Security Liaisons Information Presentation. Introduction  What’s the big deal with computer security? Don’t we have an IT security department to take.

Security Liaisons Information Presentation. Introduction  What’s the big deal with computer security? Don’t we have an IT security department to take.
SHASHANK MASHETTY Email security. Introduction Electronic mail most commonly referred to as email or e- mail. Electronic mail is one of the most commonly.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
First Community Bank www.fcbnm.com Prevx Safe Online Rollout & Best Practice Presentation.

First Community Bank Prevx Safe Online Rollout & Best Practice Presentation.
Commercial eSecurity Training and Awareness. Common Online Threats Most electronic fraud falls into one of three categories:  PHISHING – Fraudulent emails.

Commercial eSecurity Training and Awareness. Common Online Threats Most electronic fraud falls into one of three categories:  PHISHING – Fraudulent s.
PHISHING AND SPAM EMAIL INTRODUCTION There’s a good chance that in the past week you have received at least one email that pretends to be from your bank,

PHISHING AND SPAM INTRODUCTION There’s a good chance that in the past week you have received at least one that pretends to be from your bank,
Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.

Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.
Cyber Crimes.

Cyber Crimes.
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
Information Security and YOU!. Information Assurance Outreach Information Security Online Security Remote Access with Demonstration The Cloud Email Social.

Information Security and YOU!. Information Assurance Outreach Information Security Online Security Remote Access with Demonstration The Cloud Social.

Similar presentations

Ads by Google