20120613 e-banking fraud situation - be law enforcement reaction
DESCRIPTION
Presentation given by FCCU at press conference on internet banking fraud at Febelfin on 13 june 2012 febelfin fccu persconferentieTRANSCRIPT
![Page 1: 20120613 e-banking fraud situation - BE law enforcement reaction](https://reader033.vdocuments.net/reader033/viewer/2022060112/556bf595d8b42a65458b5413/html5/thumbnails/1.jpg)
Belgian Federal Judicial Police
Federal Computer Crime Unit
© Luc Beirens
« Security in e-banking is a shared responsiblity »
© 2012 FCCU - Luc Beirens
![Page 2: 20120613 e-banking fraud situation - BE law enforcement reaction](https://reader033.vdocuments.net/reader033/viewer/2022060112/556bf595d8b42a65458b5413/html5/thumbnails/2.jpg)
Topics
Scheme
2007-2012 Evolution
Victims
Money mules
Criminals
Future
© 2012 FCCU - Luc Beirens
![Page 3: 20120613 e-banking fraud situation - BE law enforcement reaction](https://reader033.vdocuments.net/reader033/viewer/2022060112/556bf595d8b42a65458b5413/html5/thumbnails/3.jpg)
e-banking fraud is only part of the cybercrime
© 2012 FCCU - Luc Beirens
![Page 4: 20120613 e-banking fraud situation - BE law enforcement reaction](https://reader033.vdocuments.net/reader033/viewer/2022060112/556bf595d8b42a65458b5413/html5/thumbnails/4.jpg)
Cybercriminals working together
© 2012 FCCU - Luc Beirens
![Page 5: 20120613 e-banking fraud situation - BE law enforcement reaction](https://reader033.vdocuments.net/reader033/viewer/2022060112/556bf595d8b42a65458b5413/html5/thumbnails/5.jpg)
4 Activity spying Keylogging
Fake Company
Proxy
Spam
Money collector
Money Mule
eBank user Bank site
Money Mule
10
5
11
7
12 13
Trojan distribution campain
Hackers
Knowledge
database
1
Local storage
2 Use of intermediate systems to control network
Bank account transfer
3
© Luc Beirens
6
Surfing to banking website & Authentication
8 Preparation
Money transfer order
Proxy
Confirmation :
Screen injects
Telephone calls
![Page 6: 20120613 e-banking fraud situation - BE law enforcement reaction](https://reader033.vdocuments.net/reader033/viewer/2022060112/556bf595d8b42a65458b5413/html5/thumbnails/6.jpg)
2007-2012 e-banking cases
Experiences e-Banking cases 2007 : handled seperately
Start of Federal Police - Febelfin cooperation Complaints => centralized information & analysis
Engagement Police – Justice Federal Prosecutor’s office coordinating Local Prosecutors
Investigating ICT traces : FCCU
Investigating Financial traces : DJF and FJP Bxl
Cooperation with Europol & Eastern European countries
Success Most with financial traces => money launderers
○ Several money mules brought to court in BE & abroad
Some coders / hackers still under investigation abroad
© 2012 FCCU - Luc Beirens
![Page 7: 20120613 e-banking fraud situation - BE law enforcement reaction](https://reader033.vdocuments.net/reader033/viewer/2022060112/556bf595d8b42a65458b5413/html5/thumbnails/7.jpg)
Success ?
BE : less than 200.000 euro in 2011 Compared to 36 million euro in Netherlands
Well protected BE payment systems
Fast collaboration => know how criminals work
Fast adaptation of techniques for detection, avoidance, damage control
Awareness to large public Press releases / information sessions
Websites on e-security
© 2012 FCCU - Luc Beirens
![Page 8: 20120613 e-banking fraud situation - BE law enforcement reaction](https://reader033.vdocuments.net/reader033/viewer/2022060112/556bf595d8b42a65458b5413/html5/thumbnails/8.jpg)
Victims
ALL of them were infected with Trojans
Some of them had several hunderds Trojans
Very often no AV products
Operating system / applications not updated
Unaware of risks / methods
© 2012 FCCU - Luc Beirens
![Page 9: 20120613 e-banking fraud situation - BE law enforcement reaction](https://reader033.vdocuments.net/reader033/viewer/2022060112/556bf595d8b42a65458b5413/html5/thumbnails/9.jpg)
Who are behind the fraud ?
Horizontal organized crime : specialized teams
Trojan developers
Botnet managers
Financial operators => information / operations
Money launderers => operations department
Underground economy
Place where criminal specialists meet
Using encryption / hiding techniques
© 2012 FCCU - Luc Beirens
![Page 10: 20120613 e-banking fraud situation - BE law enforcement reaction](https://reader033.vdocuments.net/reader033/viewer/2022060112/556bf595d8b42a65458b5413/html5/thumbnails/10.jpg)
Underground exhange services
![Page 11: 20120613 e-banking fraud situation - BE law enforcement reaction](https://reader033.vdocuments.net/reader033/viewer/2022060112/556bf595d8b42a65458b5413/html5/thumbnails/11.jpg)
Market of Trojans and botnets
Zeus, SpyEye
Self configurable Trojan kits with support
Infection ways : mail, social media, P2P, web
Integration of functionalities Read, write, install access to harddisk
Internet connection interception and code injection
Keylogging
Screen captures
Webcam & microphone activation
Managed over botnets
© 2012 FCCU - Luc Beirens
![Page 12: 20120613 e-banking fraud situation - BE law enforcement reaction](https://reader033.vdocuments.net/reader033/viewer/2022060112/556bf595d8b42a65458b5413/html5/thumbnails/12.jpg)
Money mules
Several levels of money mules 1st level => in BE / 2nd level => after money transfert
Organizers Recruitment and managing money mules
Organizing – laundering operations
New schemes to enable money laundering Large expensive orders to shops / hotels – cancelled
New dating friends asking for money transfers
Money mules used for different purposes E-banking / Internet fraud
© 2012 FCCU - Luc Beirens
![Page 13: 20120613 e-banking fraud situation - BE law enforcement reaction](https://reader033.vdocuments.net/reader033/viewer/2022060112/556bf595d8b42a65458b5413/html5/thumbnails/13.jpg)
Evolution
Trojans and botnets : multipurpose tool for cyber crime
Cooperation Febelfin-Police : detect new modus
Focus on awareness Responsiblity of every party concerned
Focus European and BE police strategy Taking away the weapens of the criminals
Disrupting / dismantle botnets
Together with all other partners
© 2012 FCCU - Luc Beirens
![Page 14: 20120613 e-banking fraud situation - BE law enforcement reaction](https://reader033.vdocuments.net/reader033/viewer/2022060112/556bf595d8b42a65458b5413/html5/thumbnails/14.jpg)
Contact information
Belgian Federal Judicial Police
Direction for economical and financial crime
Federal Computer Crime Unit Notelaarstraat 211 - 1000 Brussels – Belgium
Tel office : +32 2 743 74 74
Fax : +32 2 743 74 19
Head of Unit : [email protected]
Twitter : @LucBeirens
© 2012 FCCU - Luc Beirens