Fraud Management Industry Update Webinar
-
Upload
cvidya-networks -
Category
Business
-
view
340 -
download
0
description
Transcript of Fraud Management Industry Update Webinar
![Page 1: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/1.jpg)
OPERATIONAL RISK MANAGEMENT & COMPLIANCE
© 2012 – PROPRIETARY AND CONFIDENTIAL INFORMATION OF CVIDYA
Fraud Management Industry Update
Webinar, September 2014
Dr. Gadi Solotorevsky
CTO – cVidya Networks
Ambassador, Distinguished Fellow and RA Team Leader – TM Forum
![Page 2: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/2.jpg)
Agenda
CFCA survey
TM Forum classification and survey
Account take over
Fighting Fraud with Cyber Intelligence
2
![Page 3: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/3.jpg)
CFCA Survey 2013
![Page 4: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/4.jpg)
CFCA Survey – Fraud Growth
Global fraud loss survey trend – based on previous surveys
Global fraud losses showing a 15% increase in 2013
![Page 5: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/5.jpg)
CFCA Fraud Survey
5
![Page 6: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/6.jpg)
CFCA Fraud Survey
6
![Page 7: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/7.jpg)
CFCA Fraud Survey
7
![Page 8: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/8.jpg)
CFCA Fraud Survey
8
![Page 9: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/9.jpg)
CFCA Fraud Survey
9
![Page 10: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/10.jpg)
CFCA Fraud Survey
10
![Page 11: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/11.jpg)
CFCA Fraud Survey
11
![Page 12: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/12.jpg)
CFCA Fraud Survey
12
![Page 13: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/13.jpg)
Telephone numbers in the United Kingdom
13 Source Wikipedia: Telephone numbers in the United Kingdom
![Page 14: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/14.jpg)
Telephone numbers in the United Kingdom
14
Source Wikipedia: Telephone numbers in the United Kingdom
![Page 15: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/15.jpg)
CFCA Fraud Survey
15
![Page 16: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/16.jpg)
CFCA Fraud Survey
16
![Page 17: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/17.jpg)
CFCA Fraud Survey
17
![Page 18: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/18.jpg)
CFCA Fraud Survey
18
![Page 19: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/19.jpg)
Key Analysis and Observations
Revenue Share Fraud (International and National) continues to be the biggest reported threat at GSMA
– Both in terms of the number of cases and the value of losses reported
Revenue Share Fraud (International and National) is Driving Other Fraud Types
– Most subscription Fraud and PBX Hacking cases reported were linked to revenue share service abuse
PBX Hacking involving Supplied Equipment
– Several PBX hacking cases involved equipment that was not supplied by the operator
Usage monitoring is the primary method of detection cited
– FMS, High Usage Monitoring, NRTRDE/HUR, CDR Analysis etc
Is this due to a narrow focus?
Would these issues be a
better control point
An Impact of convergence?
Is this too reactive?
![Page 20: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/20.jpg)
Fraud Classification Model – TM Forum
![Page 21: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/21.jpg)
Fraud Classification Model – TM Forum
• Why do we need an effective FM Classification Model?
Fraud Scenario Referred Fraud Types Statistics
“Fraudster generates a high volume of calls to a PRS number range that he owns in another country with no intention to pay.”
• PRS
• IRSF
• PRS/IRSF
• Bypass/SIMBOX
• PABX Hacking
• Clip-on
• Stolen Line
• Subscription
• Dealer
• Payment
• PBX / Voicemail
• Roaming out
Unique: 39%
Multiple: 44%
Structured: 17%
An example from the 2012 TMForum Fraud Survey
![Page 22: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/22.jpg)
CFCA 2011 f Survey Fraud types
22
![Page 23: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/23.jpg)
Fraud Classification Model - Challenges
• Distinct names for the same Fraud Type
• Distinct interpretation depending on the core service (Mobile, Fixed, Cable, etc.)
• Multiple Frauds perpetrated in the same Fraud Case
• Fast changing nature of Fraud
• Need for a multi-dimensional analysis
• Need for different levels of abstraction
• Existence of several similar Ad hoc “Fraud Type” lists
![Page 24: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/24.jpg)
Proposed Classification Model - TM Forum
Summary of Relations Between
Enablers – Fraud Types
Subscription Fraud
Hacking of Network Elements
Arbitrage
Mobile Malware
ENABLERS
(Vulnerabilities)
FRAUD TYPE
(Fraudulent Scheme)
TELE
CO
MS
SER
VIC
E FR
AU
D
Cloning of SIM Card/Equipment
Protocol/Signalling Manipulation
Tariff Rates/Pricing Plan Abuse
False Base Station Attack
Misconfiguration of Network/Service Platforms
International Revenue Share Fraud
Reselling of Calls
Wholesale Fraud
Private Use
Commissions Fraud
Traffic Inflation for Credits/Bonus
Charging Bypass
Interconnect Bypass SIMBox Gateway
OBJECTIVE
(Scope)
Make Money/Profit
Obtain Free Services/Goods
Obtain Credits/Bonuses
Obtain Commissions
Obtain Money
Access User Bank Account
Pretending to Be the Operator
……….
BA - Related Fields
Fraud Management
Security Management
Revenue Assurance
- Revision of Internal Procedures, Processes and Products/Services
- Implementation of Technical Solutions at Network and Service Platforms
Development, Enhancement and Reconfiguration of Fraud Management Systems (FMS)
![Page 25: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/25.jpg)
Account Takeover
![Page 26: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/26.jpg)
What is it?
Account Takeover Fraud (ATO, also known as ‘Facility takeover’ fraud) occurs where a
person (the ‘facility hijacker’) unlawfully obtains access to details of the ‘victim of takeover’,
namely an existing account holder or policyholder, and fraudulently operates the account or
policy for his or her own (or someone else’s) benefit.
Methodologies often form around the social engineering of existing customers or customer
service and sales processes
– Web Self Service portals
– IVR
– Upgrades, additional lines & Sim Swap
? ? ?
![Page 27: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/27.jpg)
2008
Account Takeover Overview
As a result of the Credit crunch operator behaviours have changed encouraging the growth in ATO worldwide (particularly well developed and competitive markets)
As an example - Growth of ATO in the UK
– 330% in 2009, In 2010 a further 70% growth
Upgrades or Additional Lines?
– In 2008 - 92% additional, 8% upgrades
– In 2009 – 55% additional, 45% upgrades
– In 2010 – 37% additional, 63% upgrades
– Further growth in 2011 & 2012
This growth has been replicated worldwide
Source: Cifas
2009
2010
![Page 28: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/28.jpg)
Issues and Causes
Pressure points in your organisation and market allowing ATO;
– Focus on Customer retention & Churn reduction
– Simplifying Customer Services (CS) processes
– Customer satisfaction
– Push for reductions in CS costs and ACHT
– Reliance on simplistic Knowledge Based Authentication (KBA)
– Internal sales pressure on staff
– Desire for growth
Fraudsters manipulate these pressure points
– KBA, can be weak (ease of use) and simply compromised via social engineering
– CS staff also liable to social engineering, based on sales & time pressures and related financial incentive
– Less restrictions and checks in place on existing customer processes (compared to new applications)
– Greater profit value for fraudsters (top offers for existing customers)
![Page 29: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/29.jpg)
Typical flow & Pressure points
LOGISTICS AGENT
CRM
WWW
IVR
Social engineering Data Misuse
Process Abuse Logistics Manipulation
![Page 30: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/30.jpg)
Account Takeover
30
http://diario.elmercurio.com/detalle/index.asp?id=%7B3c91699d-fa58-4d2a-a3d0-496a46fc9a55%7D
![Page 31: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/31.jpg)
Account Takeover
31
http://diario.elmercurio.com/detalle/index.asp?id=%7B3c91699d-fa58-4d2a-a3d0-496a46fc9a55%7D
![Page 32: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/32.jpg)
SIM Swap Fraud
http://www.finextra.com/blogs/fullblog.aspx?blogid=7766
32
![Page 33: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/33.jpg)
Fighting Fraud with Cyber Intelligence
33
![Page 34: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/34.jpg)
SIM Card Trade
Anonymous SIM card trade on an
underground market
− It isn't clear whether these cards are stolen from customers or the company itself
− These SIM cards are available in big quantities
![Page 35: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/35.jpg)
Fraudsters Guides
Hand Picked Set of Guides for Beginner Fraudsters – Premium. Including fraud method of how to get your own SIM cards from anywhere.
How to steal people's information
![Page 36: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/36.jpg)
Account Take Over Guide
![Page 37: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/37.jpg)
Stolen Identities are cheap on the darknet
37
Source: http://www.itspecialist.com/Home/FeatureArticles/TabId/208/ArticleId/99/language/en-US/#.VBftKdK_nmI
![Page 38: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/38.jpg)
Customer’s & Employees Information
XXX workers' emails leaked by YYYY pre-leak
Online publication of XXX clients and workers' information
– Client's details (name, cell number, ssn on file, address)
XXX.net users and passwords (published in an underground forum):
![Page 39: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/39.jpg)
Public Web
• “How to” blogs and forums
• Customer’s complaint sites
• Paste Sites
Dark-Net
• Underground Markets – sales of fraud services,
SIMs, Identities and Internal information
• Underground Forums – Tutorials and methods to
perform different types of fraudulent activities
Sources of Information
![Page 40: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/40.jpg)
Dark-Net Search
– The Dark-Net search, looks all over the Internet for information, located mostly in hackers and fraudsters’ forums and boards
– This information is hard to reach, sometimes hidden in closed forums or chat rooms behind passwords and vetting processes
– The Dark-Net search can be tailor-made to CSPs specific needs and gives a clear picture about the company’s reflection in the illegal zones of the web
![Page 42: Fraud Management Industry Update Webinar](https://reader034.fdocuments.in/reader034/viewer/2022052321/5561b8dfd8b42a46138b4e0c/html5/thumbnails/42.jpg)
THANK YOU! www.cvidya.com
42