Rohan Langley
SAS
How to Catch a Thief Trends & Technologies in the Fight Against Fraud
Fixing Fraud: A Fraud Solution
Global Drivers & Challenges: The Changing Fraud Landscape
A Real World Example: Online Banking Fraud
The Changing
Fraud Landscape
Global Drivers & Challenges
Fraud is a global problem
Source: Association of Certified Fraud Examiners • Typical organisations lose 5% of revenues
to fraud each year
• Estimated to be a global loss of more than $3.5 trillion
• Industries most commonly targeted • Banking & Financial Services • Government and Public Administration • Manufacturing Sector
Tough challenges for organisations
Organisations are faced with tough challenges to focus on reducing losses AND ensure a smooth customer journey AND take effective, timely action.
“Cyber thieves have cost US companies and their banks more than $15 billion in the past five years, the FDIC found in a recent study.” Financial Times, 2012
“Tax evasion losses are estimated at $3.1 trillion for 145 countries in the world which represent 98% of the world GDP between them.” The Tax Justice Network
HSBC to pay $1.9bn in US money laundering penalties
Standard Chartered to pay $340m settlement over Iran investigation
RBS and HSBC among banks fined £2.6bn for forex rigging
BNP Paribas to pay $9bn to settle sanctions violations
VAT fraud costing Europe €€50bn a year Carousel scam escalates out of control as governments are accused of denial
Global trade in phantom cargoes swindles banks of £500m
Today’s frauds are
• Increasingly sophisticated
• Higher velocity/faster
• Cross industry
• Multi channel
• Advanced technologies
• Social with pressures on staff
Current fraud systems
are struggling to cope
• Siloed by line of business - no sharing of data
• Act on event or customer
• Rules and predictive models alone have limitations
• Few proactive steps taken to combat cross channel fraud
• Evidence insufficient to act upon
• Investigation time consuming
Fixing Fraud A Fraud Solution
Fixing Fraud How to detect staff behaving badly
Avivah Litan, VP Gartner
"Security and fraud risk exposure is increasing as organizations are threatened at multiple points of vulnerability.
Companies are re-evaluating how they tackle security since a fragmented approach is consistently leaving organizations at greater risk of attack.
A more holistic approach to security ensures all layers of protection function together.“
Protection across the enterprise
Make better use of your data
Network
Entity
Event
Hybrid analytics
SAS Fraud Framework
The fraud threat landscape
Hybrid analytics
Visual scenario configuration
Ad-hoc, in memory reporting and exploration
Concise and efficient investigation
Visualise – empower the business user
A Real World Example
Online Banking Fraud
• Phishing
• It usually starts through Phishing.
• Spear Phishing is where the attack is tailored specifically for you.
• Politicians, business people and other wealthy or eminent people are likely targets of Spear Phishing.
• The term can also describe attacks tailored for the customers of one particular bank.
• Social Engineering (“a trustworthy voice on a phone”) can also be used to extract information from you and convince you to accept an email.
Online Banking Fraud
• Money Mules are • New accounts specifically opened for exiting stolen
funds.
• Sometimes created using fake identification.
• Sometimes ordinary customers co-opted by criminal gangs in return for commission.
• By recruiting many different mules, fraudsters can split transactions into smaller parts, often circumventing fraud rules.
• Mule recruitment became very popular in the aftermath of the financial crisis, recruitment scams are particularly effective on people in financial distress.
- An example of a mule recruitment scam
Money Mules
Man in the Browser Attack
• It all starts with an email or a link to download a piece of malicious software
• Once a customer’s computer or smartphone is compromised, it can harvest passwords and deliver fake bank websites and text messages to the customer.
• Often coordinated to hit many customers at the same time.
Customer contracts Malware
Customer commences
Online Banking session
Passwords 2FA PIN
Customer keeps using fake session
Criminal takes over real session
Money transferred to mule account at same bank
Criminal
Customer
Bank SMS
Anomaly detection (example):
The client is accessing their account from a
new channel
Database Searches (example): Looking for
matches across the Black-lists
Business rule (example): Transaction above $xx to a
new beneficiary
Database Searches (example): Looking for
matches across the Black-lists
Predictive modelling (example): Model based on variables such payment amount and balance
SNA (example): Links to mule account such as a shared mobile number
Text mining (example): Transaction narrative showing suspicious
payments
Using the Hybrid Approach
Questions & Answers
For further information
WWW.SAS.COM