20120613 e-banking fraud situation - BE law enforcement reaction
- 1. « Security in e-banking is a shared responsibility »
Belgian Federal Judicial Police
Federal Computer Crime Unit
© Luc Beirens
© 2012 FCCU - Luc Beirens
- 2. Topics
Scheme
2007-2012 Evolution
Victims
Money mules
Criminals
Future
- 5. [Diagram with numbered steps 1 to 13. Labels recovered from the figure: Trojan distribution campaign; Spam to control network; use of intermediate systems; proxy; hackers; knowledge database; keylogging; activity spying; local storage; surfing to banking website & authentication; bank site; eBank user; bank account transfer preparation; confirmation: money transfer order; screen injects; telephone calls; fake company; money mule; money collector.]
- 6. 2007-2012 e-banking cases
Experiences
e-Banking cases 2007 : handled separately
Start of Federal Police - Febelfin cooperation
Complaints => centralized information & analysis
Engagement Police – Justice
Federal Prosecutor’s office coordinating Local Prosecutors
Investigating ICT traces : FCCU
Investigating Financial traces : DJF and FJP Bxl
Cooperation with Europol & Eastern European countries
Success
Most with financial traces => money launderers
○ Several money mules brought to court in BE & abroad
Some coders / hackers still under investigation abroad
- 7. Success ?
BE : less than 200.000 euro in 2011
Compared to 36 million euro in Netherlands
Well protected BE payment systems
Fast collaboration => know how criminals work
Fast adaptation of techniques
for detection, avoidance, damage control
Awareness to large public
Press releases / information sessions
Websites on e-security
- 8. Victims
ALL of them were infected with Trojans
Some of them had several hundred Trojans
Very often no AV products
Operating system / applications not updated
Unaware of risks / methods
- 9. Who are behind the fraud ?
Horizontal organized crime : specialized teams
Trojan developers
Botnet managers
Financial operators => information / operations
Money launderers => operations department
Underground economy
Place where criminal specialists meet
Using encryption / hiding techniques
- 11. Market of Trojans and botnets
Zeus, SpyEye
Self configurable Trojan kits with support
Infection ways : mail, social media, P2P, web
Integration of functionalities
Read, write, install access to harddisk
Internet connection interception and code injection
Keylogging
Screen captures
Webcam & microphone activation
Managed over botnets
- 12. Money mules
Several levels of money mules
1st level => in BE / 2nd level => after money transfer
Organizers
Recruitment and managing money mules
Organizing – laundering operations
New schemes to enable money laundering
Large expensive orders to shops / hotels – cancelled
New dating friends asking for money transfers
Money mules used for different purposes
E-banking / Internet fraud
- 13. Evolution
Trojans and botnets : multipurpose tool
for cyber crime
Cooperation Febelfin-Police : detect new modus
Focus on awareness
Responsibility of every party concerned
Focus European and BE police strategy
Taking away the weapons of the criminals
Disrupting / dismantling botnets
Together with all other partners
- 14. Contact information
Belgian Federal Judicial Police
Direction for economical and financial crime
Federal Computer Crime Unit
Notelaarstraat 211 - 1000 Brussels – Belgium
Tel office : +32 2 743 74 74
Fax : +32 2 743 74 19
Head of Unit : luc.beirens@fccu.be
Twitter : @LucBeirens