Business Identity Fraud. Bart De Bie i-force

Similar documents
Cyber Insurance: What is your bank doing to manage risk? presented by

Phishing / Wire Fraud. Today s Topics 12/5/2017. Hacked and the Money is Gone: What s My Liability?

Preventing fraud in public sector entities

FAQ. Usually appear to be sent from official address

Target Breach Overview

Legal Aspects of Cybersecurity

The BUSINESS of Fraud. Don t let it put you out of business. AFFILIATE LOGO

Webomania Solutions Pvt. Ltd. 2017

Quick recap on ing Security Recap on where to find things on Belvidere website & a look at the Belvidere Facebook page

CLICK TO EDIT MASTER TITLE STYLE Fraud Overview and Mitigation Strategies

Protecting Your Business From Hackers

You ve Been Hacked Now What? Incident Response Tabletop Exercise

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 1 Introduction to Security

Supplier Invoice Submission Guide. English

Who We Are! Natalie Timpone

Identity fraud. Good advice on how to avoid being cheated by a buyer with a false identity.

Duplicate Invoice Payments

CYBER SECURITY RESOURCE GUIDE. Cyber Fraud Overview. Best Practices and Resources. Quick Reference Guide for Employees. Cyber Security Checklist

Security & Phishing

OTC Direct Limited Customer account application / amendment form

Botnets: major players in the shadows. Author Sébastien GOUTAL Chief Science Officer

South Central Power Stop Scams

9/11/ FALL CONFERENCE & TRAINING SEMINAR 2014 FALL CONFERENCE & TRAINING SEMINAR

Taking control of your finances... 5 Use these tips to manage your finances

Action Fraud & the NFIB. DS Martina MCGRILLEN

Bank of america report phishing

Newcomer Finances Toolkit. Fraud. Worksheets

A Forensic Accountant in Cyber Security

Business Accounts. Important information. Keeping you up to date. danskebank.co.uk

security FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name.

OTHER PEOPLE S MONEY: THE BASICS OF ASSET MISAPPROPRIATION

Frauds & Scams. Why is the Internet so attractive to scam artists? 2006 Internet Fraud Trends. Fake Checks. Nigerian Scam

Evolution of Spear Phishing. White Paper

Guide to credit card security

Security Awareness. Chapter 2 Personal Security

716 West Ave Austin, TX USA

Why you MUST protect your customer data

Employee Security Awareness Training

716 West Ave Austin, TX USA

OTHER PEOPLE S MONEY: THE BASICS OF ASSET MISAPPROPRIATION (NO )

National Travel Associates

Recognizing & Protecting Against Fraud

Wire Fraud Scams: How to Protect

Send a signed and completed copy to your Telstra Representative. For further assistance please contact your Telstra Representative.

FRAUDULENT TRAVEL SCAMS

EXTRUTECH PLASTICS, INC. Custom Extruder of Close Tolerance Profiles

SSE Phone and Broadband Product and Price Guide (17 range)

Treasury Services Group Number Treasury Management Officer

REPORT. Year In Review. proofpoint.com

We will divide the many telecom fraud schemes into three broad categories, based on who the fraudsters are targeting. These categories are:

REDUCING THE RISK OF CARD NOT PRESENT FRAUD

June 2 nd, 2016 Security Awareness

Seattle University Identity Theft Prevention Program. Purpose. Definitions

Trustwave SEG Cloud BEC Fraud Detection Basics

PBX Fraud Information

Prevention of Identity Theft in Student Financial Transactions AP 5800

BANK WAYS TO. Secure and convenient banking options to fit your lifestyle. Branches. Online Banking. Phoneline Banking. Mobile Banking.

GROUPON VOUCHER TERMS OF SALE UK

Cyber Security Updates and Trends Affecting the Real Estate Industry

FAQ of BIPT for the attention of the consumers relating to the compulsory identification of prepaid card users. Contents

Fraud awareness & Information pack for ANZ Customers

Wire Fraud Begins to Hammer the Construction Industry

Crich Tramway Village, home of the National Tramway Museum

Legal Considerations and Case Studies

PAY MONTHLY ADDITIONAL SERVICES TERMS AND CONDITIONS

TRUECALLER INSIGHTS SPECIAL REPORT: THE TOP 20 COUNTRIES AFFECTED BY SPAM CALLS

Identity Theft and Account Takeover Prevention

Customer Security Programme (CSP)

IT Security Protecting Ourselves From Phishing Attempts. Ray Copeland Chief Information Officer (CIO)

Alternative phone number: Credit card/debit card number Expiry date: / / DD MM YYYY

ELECTRONIC FUNDS TRANSFER (EFT) For Provider Payments

IntForex demonstration bank account list IntForex demonstration rates IntForex demonstration rates... 22

The French WEEE system. Cécile des Abbayes Research Manager Eco-systèmes

THE SMALL BUSINESS FRAUD PREVENTION MANUAL

TERMS AND CONDITIONS FOR THE USE OF THE WEBSITE AND PRIVACY POLICY

Personal Cybersecurity

CYBER SECURITY AND THE PENSIONS INDUSTRY Karen Tasker 1 February 2018

CAREERBUILDER.COM - PRIVACY POLICY

6. Vendor Maintenance

Would you fall for the latest ingenious bank scam?

Subject: Kier Group plc Data Protection Policy

Credit Card Frauds Sept.08, 2016

Social Engineering The devil is in the details

Identity Theft Prevention Program. Effective beginning August 1, 2009

How technology changed fraud investigations. Jean-François Legault Senior Manager Analytic & Forensic Technology June 13, 2011

HOW TO INTEGRATE A PAYPAL BUTTON INTO YOUR WEBSITE

Electronic Communication of Personal Health Information

RETIREMENT ACCOUNT APPLICATION FORM. Share Dealing

Cyprus VAT and direct tax update course

APPLICATION FORM FOR DELETION, TRANSFER AND/OR CHANGE OF DOMAIN NAME DETAILS

DHL MyBill FAQ MyBill.dhl.com

Safeguarding Your Dealership from Fraud

Second International Barometer of Security in SMBs

SDR EDUCATIONAL CONSULTANTS

WHAT DOES THIS PRIVACY POLICY COVER?

Identity Theft Prevention Policy

FREQUENTLY ASKED QUESTIONS

E-invoice. Service Description

Chapter 13. Digital Cash. Information Security/System Security p. 570/626

GLOBAL MOBILE PAYMENT METHODS: FIRST HALF 2016

Transcription:

Business Identity Fraud Bart De Bie i-force www.identityfraud.be

What have we seen in the past? A plaque coming from France 2016 ** 2

www.identityfraud.be 3

Fake or falsified (international) transfers using impersonation 1. The classic 2. The Nigerian variant 3. The CEO variant 4

The Classic Transfer form with falsified CEO signature Amounts <10.000 Via mail or fax Sent to the bank of the targeted company Modus operandi : Step 1 : Tf fake CEO towards the bank : change of Tf nr Step 2 : Hand over of the transfer form for execution Pass rate: 5

The Nigerian variant Perpetrators from West Africa Only via mail Transaction between company and Asiatic supplier Example : 06-08-2013 : company X receives an e-mail with the signature from one of his subcontractors in Taiwan Message: due to technical issues at our financial institution the tranfer needs to be performed towards a more secured account at Barclay s Bank on the name of a British company 12 days later: The real Asian subcontractor announces that the last invoice has not yet been paid 6

The CEO variant Most known variant international businesses > 1 M Organized gangs (French-Israëli) Benefiting countries: China Hong Kong Cyprus 7

Modus operandi CEO fraud 1. Information gathering 2. Impersonation and choice of victim 3. Pressurising 4. Manipulation 5. Execution of payment order 6. Fresh attempt 8

Some facts & figures 85% of the data gathered on the target come from public sources (Internet, media, etc.) and from information obtained via the fraudster s network 20% of social engineering attacks are carried out via compromised websites, as well as the falsification of e-mail addresses of individuals and public administrations. $ 420 million Is the total loss related to Busines e-mail compromise and identity theft, spread over 30.000 cases (FBI Internet report 2016 ) 9

10 A real life case

Example CEO-Fraud (1) Hi, Carine from Accounting. Good morning, this is lawyer Laroche from Paris. I do not know if Mr Jean Grootjans has informed you, but he asked me to contact you. I have been acting for years for Jean as his personal legal councel in possible M&A transactions. We are planning a new merger and I got the task to collect all remaining cash from the different businesses. We do not want to involve anyone else because once it is known that we want to take over that company, other candidates will emerge and we want to avoid that. Can I count on your discretion? 11

Example CEO-Fraud (2) I would like to help but how am I sure you actually know Mr Grootjans? It surprises me he did not inform you already. Maybe I was a bit to quick. I will ask him to contact you, and I will phone you back a bit later. Jean.grootjans@grootjans.be <Jean.grootjansiphone@mail.com>: Carine, You will be contacted by Mr Laroche. I count on your efficienty and confidentiality in helping out Mr Laroche. Thanks in advance, Jean Grootjans, CEO 12

Example CEO-Fraud (3) Good afternoon. I have been informed that Jean has already spoken to you? As we do not want to jeopardise any of the entities, could you provide me with the cash planning overview? You can only send it to my email address at cabinet.laroche@financier.com. Which amount would you be able to transfer as from tomorrow? Are you expecting any large sums in the following days? I suggest to pay out the suppliers two weeks later. It's a bit annoying that your payment authority is limited to this amount but then we will do it in several transactions. May I ask you for the moment not to communicate with others but just communicate with me about this? 13

A real life fraud attempt towards a Belgian company https://nieuws.vtm.be/binnenland/120497-de-ceo-fraudevalse-baas-licht-bedrijf-op 14

What do we see today? A shift towards Purchase Sales and Creditors departments Recent variants Invoice fraud Fake order scams From typosquatting towards combosquatting 15

Invoice fraud Aimed at Purchase and Credit departments Real life case The purchasing company : notification that from now on invoices must be paid on the account of a Romanian factoring company e-mail from the so-called factoring company contains a list with all of the outstanding invoices Investigation Company s computer infected by malware Information collected via social engineering by as well the purchasing as the selling company 16

Fake order scams httyoutube.com/watch?v=imoapnlykd8 17

18 The wine case

The wine case (2) Fraudulent orders to at least 20 European companies Wine traders & Suppliers of electronics in France, Germany, Spain, Italië and Portugal Transport firm ARC transport and Dimotrans For amounts between 19.000 and 750.000 19

The wine case (3) Fraudsters South England, France and Nigeria two transit warehouses in Horsmonden and Brenchley, (small towns in southern England) The owner, the 26-year-old Timothy R 20

The wine case (4) Modus operandi extensive mail and phone contact real names of people working at Simply Market (website, LinkedIn) the e-mail addresses: almost identical (the extension.fr becomes.com) VAT and excise duty numbers are correct one notable exception: "Usually, supermarkets negotiate well over the price, to the lowest amount possible. But they agreed quite quickly 21

Modus operandi The fraudster acts as an employee of the so-called purchasing company: By taking over the e-mail account (via hacking or malware), also known as Business E-mail Compromise By registering a domain name that strongly looks like the domain name of the existing company, e.g. by changing only one character (typo squatting) 22

Combosquatting What? the act of buying a domain name that combines a legitimate company domain with some other word, in hopes of drawing victims to the official looking domain More prevalent than typosquatting 2.7 million combosquatting domains targeting only 268 legitimate top domains In the last 6 years 23

What action can be taken? Don t expose your data in public places (trains, etc.), on websites, on social networks or even within your company Establish internal procedures based on doublechecking and restricting access to sensitive data Raise employee awareness, especially in your accounting, finance, purchase and sales departments Don t click on unknown links in e-mails or online Use ID FRAUD CHECK 24

ID Fraud Check Every company can check whether a certain domain name is already on the black list or is generating red flags The black list contains domain names that were effectively used for fraud purposes and are being kept up to date at all time Partners who sign up will be notified immediately if a fraudulent variant of their domain name is being used (EARLY WARNINGS) www.identityfraud.be 25

Contact details i-force Bart De Bie RFA, CFE bart.debie@i-force.be www.identityfraud.be 26

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback