
001-MAVIS - Criminal acts in the telecom field

Date post: 23-Jan-2017
Page 1

Criminal acts in the Telecom Field, detection methods and countermeasures

Mr. Michalis Mavis, MSc, MSc

f. Chairman Hellenic Fraud Forum

TELECOM FORUM SULTANATE OF OMAN

13-15 April 2015

Page 2

White Collar Crime increase

• WCC => White Collar Crime.
• Normally no weapons, bombs or guns are used…

Massive surge in criminal incidents during the past 10 years.

Page 3

Many faces of fraud and E-crimes

• Telecom fraud.
• Banking fraud & money laundering.
• Mortgage fraud.
• Insurance fraud.
• Other types of fraud and electronic crimes.

Page 4

Target of Fraud and E-crimes

Telecom fraud may be committed by:

• C2B fraud: isolated persons or organized criminal rings against Telecom Operators and/or Service Providers.
• B2B fraud: it may also take place when fraud is committed by one Telecom Operator against another Telecom Operator and/or Service Provider (competitor fraud)...
• G2B & G2G attacks!!!

Page 5

Trends: Present & Future

Page 6

Current & future trends

• Convergence of IT, Telecom, Banking and Entertainment.
• Mobility everywhere (business and private environment).
• New services (e.g. mobile banking) and new terminal equipment (e.g. smart watch).
• Next Generation Networks (based on IP technology).
• Crime and fraud move now … against content.

Page 7

Some interesting business cases …

TELECOM FRAUD

Page 8

Identity theft (a fast growing problem)

• Social Media (e.g. Facebook) information about the victim.
• Stealing an original bill (e.g. power line bill) from the victim’s house post-box or building entrance. This is now a good proof of address.
• Producing faked docs (e.g. tax certificate and/or id-card).
• Hacking the victim’s mobile or PC for additional information.

Page 9

Skimming attack on the RFID passports

• Cheap hardware is used for illegally copying information (over the air) from the victim’s passport (in airports, cafeterias etc.).

Page 10

Subscription fraud calls to PRS

• ID theft is then used to illegally obtain SIM cards and other goods (subscription fraud).
• Mobile phones with SIM cards obtained using other persons’ private data are then used for financial fraud (high value money fraud).
• Calls are made to Premium Rate Services (PRS) numbers (high cost phone services), in the country or abroad (roaming fraud). The fraudster gets a “bonus” for those calls from the PRS provider.

Page 11

IDENTITY THEFT AND SUBSCRIPTION FRAUD IN MOBILE PHONES…

Page 12

Gambling and casinos: mobile phones subscription fraud

• SIM cards illegally obtained (subscription fraud) are then used in different applications, e.g. to play in an online casino.
• The fraudster using the illegal SIM cards makes calls to Casino PRS numbers to get marks for playing in the online Casino (e.g. 100 $ per call).
• Instead of playing in the Casino with the credit he got, he transfers the money to a bank account obtained under a faked identity.
• He gets the money and disappears.

Page 13

P.R.S. calls for illegal money

• Fraudulent calls by mobile subscription fraud.

TELEPHONE PIZZA

• Telephone cards that never expire …

Page 14

M-commerce & m-banking fraud

• Cloned SIM cards used in m-commerce or m-banking. The bill goes to the owner of the card.
• IP spoofing: IP packets from an illegal device seem to originate from a legal one.
• Hackers using sniffer-type programs steal credit card numbers and other sensitive information from the traffic.

Page 15

Recent multinational banking fraud

The Carbanak attack

Page 16

ILLEGAL MONITORING of communications (industrial or government espionage)

C2C, G2B & G2G attacks…

Page 17

PABX fraud

• Attacking the DISA service for making free calls.
• Call Selling operations.
• Activating illegal monitoring of communications without traces… (automatic attendant).

Page 18

Spying programs:

Monitoring performed for your own benefit…


Page 20

Espionage malware:

(the Equation Group attack) (known in Feb-2015)

Page 21

Victims infected since 2001

• Government and diplomatic institutions.

• Telecoms.

• Aerospace.

• Energy.

• Nuclear research.

• Oil and gas.

• Military.

• Nanotechnology.

• Mass media.

• Transportation.

• Financial institutions.

• Companies developing encryption technologies.

Page 22

Detection & Countermeasures

• Training (know the enemy).
• Use of tools (FMS, A2).
• Build a well trained Anti-fraud Unit in your company or organization.
• Establish a Security Policy and enforce its use.
• Participate in international organizations dealing with fraud and security (GSM Fraud Forum, FIINA, etc.).
• Build a National Fraud Forum to exchange information inside your country. Examples in Europe include UKFF, DFF, HFF etc.
• Be proactive and search continually for new threats.
• Perform security audits at regular intervals.
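
An added example, not part of the original slides: a minimal FMS-style rule for the subscription fraud pattern from page 10 (a newly obtained SIM calling Premium Rate Service numbers, often while roaming), run over constructed call records. The PRS prefixes, thresholds, SIM labels and record layout are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

PRS_PREFIXES = ("901", "909")  # assumed premium-rate prefixes, not from the slides

# Constructed sample data: SIM activation dates and call detail records (CDRs).
ACTIVATED = {
    "A": datetime(2015, 4, 1),   # new SIM, traffic is almost only PRS calls
    "B": datetime(2014, 1, 10),  # long-standing subscriber who calls PRS lines
    "C": datetime(2015, 4, 2),   # new SIM with ordinary traffic
}
CDRS = [  # (caller, called number, start, duration in seconds, roaming)
    ("A", "9011234567", datetime(2015, 4, 2, 1, 0), 1800, True),
    ("A", "9011234567", datetime(2015, 4, 2, 2, 0), 1500, True),
    ("A", "9097654321", datetime(2015, 4, 3, 1, 0), 2000, True),
    ("A", "9097654321", datetime(2015, 4, 3, 3, 0), 1700, False),
    ("B", "9011234567", datetime(2015, 4, 2, 20, 0), 300, False),
    ("B", "9011234567", datetime(2015, 4, 3, 20, 0), 240, False),
    ("B", "9011234567", datetime(2015, 4, 4, 20, 0), 360, False),
    ("C", "2101234567", datetime(2015, 4, 3, 9, 0), 120, False),
    ("C", "9011234567", datetime(2015, 4, 3, 10, 0), 60, False),
    ("C", "2107654321", datetime(2015, 4, 4, 9, 0), 200, False),
]

def prs_alerts(cdrs, activated, new_days=14, min_prs_calls=3, min_prs_share=0.8):
    """Return alerts for recently activated SIMs whose calls are mostly to PRS numbers."""
    stats = defaultdict(lambda: {"calls": 0, "prs": 0, "prs_secs": 0, "roaming_prs": 0})
    for caller, called, start, secs, roaming in cdrs:
        s = stats[caller]
        s["calls"] += 1
        s["last"] = max(s.get("last", start), start)  # latest call seen for this SIM
        if called.startswith(PRS_PREFIXES):
            s["prs"] += 1
            s["prs_secs"] += secs
            s["roaming_prs"] += int(roaming)
    alerts = []
    for sim, s in stats.items():
        if sim not in activated:
            continue  # no subscription record: left to a separate check
        age = s["last"] - activated[sim]  # subscription age at the latest call
        share = s["prs"] / s["calls"]
        if age <= timedelta(days=new_days) and s["prs"] >= min_prs_calls and share >= min_prs_share:
            alerts.append({"sim": sim, "prs_calls": s["prs"], "prs_secs": s["prs_secs"],
                           "roaming_prs": s["roaming_prs"], "prs_share": round(share, 2)})
    return sorted(alerts, key=lambda a: a["prs_secs"], reverse=True)

if __name__ == "__main__":
    for alert in prs_alerts(CDRS, ACTIVATED):
        print(alert)
```

Only SIM "A" is flagged: "B" has the same PRS share but a long subscription history, and "C" is new but makes mostly ordinary calls.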

Page 23

Thank you!

Mr. Michalis Mavis, MSc, MSc

//gr.linkedin.com/in/mmavis
