Last week, reports flooded security forums and publications highlighting an increase in the rate of a fraud attack named Operation Emmental.
The threat type was first noticed by security companies approximately 5 months ago, but the recent rise in successful attacks against mobile banking users has been alarming and underlined the effectiveness of the attack. The fact that the majority of the successful attacks were aimed at Swiss banks led to the name of Operation Emmental, referring to the Swiss cheese containing holes, suggesting imperfections in security. Read more
Over the last two years, we have seen a tremendous increase in mobile malware, which grew 167 percent in the past year, according to the June 2014 McAfee Labs Threat Report.
Here are two major reasons why mobile malware is increasingly the preferred method of attack for fraudsters:
1. As EMV technology is deployed in the US, the amount of fraud attributed to counterfeit cards will decrease.
2. Telecommunications providers will no longer allow premium text message services to bill customers, lowering the volume of fraud via premium SMS messages.
Cybersecurity risks remain the same for all financial institutions, regardless of size or resources. The FFIEC recently announced that examiners will be conducting “state of cybersecurity assessments” this summer, specifically targeting community banks. Examiners want to ensure that cybersecurity is engrained into the culture of all financial institutions, and that management is well aware of the risks. This webinar will provide cutting-edge insights into the latest fraud trends, and teach you how to strengthen your fraud program in a way that not only meets, but surpasses compliance.
What You Will Learn:
- Current fraud trends impacting community banks and credit unions, citing specific examples.
- Beyond financial loss, what are hard and soft costs incurred after a fraud incident?
- Available anti-fraud technologies to combat fraud and satisfy FFIEC compliance.
Register free now!
At Easy Solutions, we spend a lot of time anticipating fraud trends so that we can develop solutions quickly and ensure that our customers are always ahead of the game when it comes to fraud protection. This week, we added and enhanced several features to our anomaly detection solution, DetectTA, which now has the ability to monitor a wider range of transactions and provides increased flexibility in crafting rules and alerts. DetectTA’s extended capabilities result in an anomaly detection solution that’s even easier to use and much more powerful.
I write this post with mixed feelings about the adoption and use of crypto and digital currencies. For those who might not know, cryptocurrencies like Bitcoin, Dogecoin and others offer digital online wallets of virtual money. Initially envisioned as irreversible ‘peer-to-peer’ trustless exchanges, these currencies claim to offer the possibility of anonymous transactions between strangers, without the need for a historically trusted intermediary such as a financial institution or payment processor to back them up (and charge a fee for the privilege). Instead, these decentralized currencies rely on complex computer algorithms and a public ledger of all transactions (without identifying information about the people performing them) to keep the system honest.
One of the things that we do at Easy Solutions, to help protect banks from fraud, is perform passive monitoring on paste sites, social media sites, and the black market. We see all kinds of crazy things and we wanted to share this example. In the case below, we found what appeared to be source code for one of our client’s mobile banking apps. We pay attention to this kind of thing because evidence of publication of source code can lead directly to increased attacks-especially as they relate to mobile apps.
InfoRiskToday (http://www.inforisktoday.co.uk/) has a great article out today, that highlights some of the key developments in the P.F. Chang’s breach.
While there are no indicators of card fraud yet, we’ll be monitoring closely for any activity. Easy Solutions’ Bryan Jardine also shares his insights within the piece, noting that “Often the valuation of a card decreases over time. It is more cost-effective for the fraudsters to get them on the market as quickly as possible. This is easy money for them.” For the full article, visit http://www.inforisktoday.co.uk/pf-changs-breach-6-key-developments-a-6961/op-1
I read with interest the news that two 9th graders (14-year olds) in Canada found an online manual for a Bank of Montreal (BMO) ATM machine, and hacked in to Operator mode. The “damage” these two inflicted was to change the ATM surcharge (the amount the ATM owner charges the consumer during the transaction) to one cent. No money was extracted, and given their intent and honesty, what they did could be viewed as a “Robin Hood” moment.
BMO’s response was minimal, as they issued the usual comment that “steps will be taken” to ensure it does not happen again. What that presumably means is they will change the default password to stop idle access from anyone with the spare time to Google “ATM OPERATING MODE MANUAL” and follow a few links.
Over the last decade, I have spent the majority of my time focused on strategic planning for fraud prevention and fraud program enhancements. During this time, I have met and spoken with countless financial and law enforcement professionals who are facing the challenges of ever-changing fraud environments. Due to the nature of fraud, my programs had to be ever-changing as well. I have taken the time to identify the most reoccurring themes I have seen throughout my travels and wanted to share them with you.
This week we were greeted with news of a new banking trojan malware variant named Zberb. This trojan was described breathlessly by the security community as an “evil monster” and a “hybrid beast” in one hyperbole-laced article. Why is Zberb so terrifying and why should we take all of our money out of the bank, convert it to bullion and bury it in the yard? Well, from a technical perspective, Zberb was designed and built by combining features already in the wild from two major bank trojan families, Zeus/Zbot and Carberb.
Both of these trojans have been in the wild for a long time and have been consistently improved with new attack vectors, new detection migitations and new communications mechanisms.