1
Criminal acts in the Telecom Field, detection methods and countermeasures
Mr. Michalis Mavis, MSc, MSc
f. Chairman Hellenic Fraud Forum
TELECOM FORUM, SULTANATE OF OMAN
13-15 April 2015
2
White Collar Crime increase
• WCC => White Collar Crime.
• Normally no weapons, bombs or guns are used…
Massive surge in criminal incidents during the past 10 years.
3
Many faces of fraud and E-crimes
• Telecom fraud.
• Banking fraud & money laundering.
• Mortgage fraud.
• Insurance fraud.
• Other types of fraud and electronic crimes.
4
Target of Fraud and E-crimes
Telecom fraud may be committed by:
• C2B fraud: isolated persons or organized criminal rings against Telecom Operators and/or Service Providers.
• B2B fraud: committed by one Telecom Operator against another Telecom Operator and/or Service Provider (competitor fraud)...
• G2B & G2G attacks !!!
5
Trends: Present & Future
6
Current & future trends
• Convergence of IT, Telecom, Banking and Entertainment.
• Mobility everywhere (business and private environment).
• New services (e.g. mobile banking) and new terminal equipment (e.g. smart watch).
• Next Generation Networks (based on IP technology).
• Crime and fraud now move … against content.
7
Some interesting business cases …
TELECOM FRAUD
8
Identity theft (a fast growing problem)
• Social Media (e.g. Facebook) information about the victim.
• Stealing an original bill (e.g. power line bill) from the victim’s house post-box or building entrance. This is now a good proof of address.
• Producing faked documents (e.g. tax certificate and/or ID card).
• Hacking the victim’s mobile or PC for additional information.
9
Skimming attack on the RFID passports
• Cheap hardware used for illegally copying information (over the air) from the victim’s passport (in airports, cafeterias etc.).
10
Subscription fraud calls to PRS
• ID theft is then used to obtain SIM cards and other goods illegally (subscription fraud).
• Mobile phones with SIM cards obtained using other persons’ private data are then used for financial fraud (high value money fraud).
• Calls are made to Premium Rate Services numbers (high cost phone services), in the country or abroad (roaming fraud). The fraudster gets a “bonus” for those calls from the PRS provider.
11
IDENTITY THEFT AND SUBSCRIPTION FRAUD IN MOBILE PHONES…
12
Gambling and casinos: mobile phone subscription fraud
• SIM cards illegally obtained (subscription fraud) are then used in different applications, e.g. to play in an online casino.
• The fraudster using the illegal SIM cards makes calls to Casino PRS numbers to get marks (credit) for playing in the online Casino (e.g. 100 $ per call).
• Instead of playing at the Casino with the credit he got, he transfers the money to a bank account obtained under a faked identity.
• He gets the money and disappears.
13
P.R.S. calls for illegal money
• Fraudulent calls by mobile subscription fraud.
TELEPHONE PIZZA
• Telephone cards that never expire …
14
M-commerce & m-banking fraud
• Cloned SIM cards used in m-commerce or m-banking. The bill goes to the owner of the card.
• IP spoofing: IP packets from an illegal device seem to originate from a legal one.
• Hackers using sniffer-type programs steal credit card numbers and other sensitive information from the traffic.
15
Recent multinational banking fraud
The CarBanak attack
16
ILLEGAL MONITORING of communications (industrial or government espionage)
C2C, G2B & G2G attacks…
17
PABX fraud
• Attacking the DISA service for making free calls.
• Call Selling operations.
• Activating illegal monitoring of communications without traces… (automatic attendant).
18
Spying programs: Monitoring performed for your own benefit…
19
20
Espionage malware: the Equation Group attack (known since Feb 2015)
21
Victims infected since 2001
• Government and diplomatic institutions.
• Telecoms.
• Aerospace.
• Energy.
• Nuclear research.
• Oil and gas.
• Military.
• Nanotechnology.
• Mass media.
• Transportation.
• Financial institutions.
• Companies developing encryption technologies.
22
Detection & Countermeasures
• Training (know the enemy).
• Use of tools (FMS, A2).
• Build a well trained Anti-fraud Unit in your company – organization.
• Establish a Security Policy and enforce its use.
• Participate in international organizations dealing with fraud and security (GSM Fraud Forum, FIINA, etc.).
• Build a National Fraud Forum to exchange information inside your country. Examples in Europe include UKFF, DFF, HFF etc.
• Be proactive and search continually for new threats.
• Perform security audits at regular intervals.
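The deck lists FMS tools among the countermeasures (slide 22) but does not show what such a tool does. The following is an added example, not the presenter's code and not any FMS product, of two rules a fraud-management system can run over call detail records: premium-rate spend from freshly activated SIMs, the subscription-fraud pattern of slides 10 and 12, and off-hours international calls leaving a company PABX, the DISA / call-selling pattern of slide 17. The CDR layout, the numbering prefixes, the thresholds, the activation dates and every record are constructed for illustration.

```python
"""Two FMS-style checks over call detail records (CDRs).

Added example; CDR layout, numbering prefixes, thresholds and all records
are constructed for illustration and are not the presenter's data.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime

# Constructed CDR layout: timestamp;caller;callee;duration_s;charge;route
# route is MOBILE (a mobile subscriber) or PABX (a call leaving a company PABX).
SAMPLE_CDRS = """\
# new SIM (activated yesterday) repeatedly calling one premium-rate number
2015-04-13T09:15:00;+306900000001;+30901234567;600;12.00;MOBILE
2015-04-13T09:40:00;+306900000001;+30901234567;600;12.00;MOBILE
2015-04-13T10:05:00;+306900000001;+30901234567;600;12.00;MOBILE
2015-04-13T10:30:00;+306900000001;+30901234567;600;12.00;MOBILE
2015-04-13T10:55:00;+306900000001;+30901234567;600;12.00;MOBILE
# long-standing customer: one PRS call is ordinary usage
2015-04-13T12:00:00;+306900000002;+30901234567;600;12.00;MOBILE
# new SIM but PRS spend below the threshold
2015-04-13T12:30:00;+306900000003;+30907654321;300;6.00;MOBILE
# PABX trunk: international call during business hours
2015-04-13T11:00:00;+302101234567;+14155550100;120;3.50;PABX
# PABX trunk: international call at 02:30 (DISA / call-selling pattern)
2015-04-13T02:30:00;+302101234567;+14155550100;1800;45.00;PABX
# PABX trunk: domestic call at night, outside this rule's scope
2015-04-13T02:45:00;+302101234567;+302109876543;60;0.10;PABX
"""

# Constructed activation dates; in practice these come from billing/CRM.
ACTIVATIONS = {
    "+306900000001": datetime(2015, 4, 12),
    "+306900000002": datetime(2013, 1, 5),
    "+306900000003": datetime(2015, 4, 10),
}

HOME_COUNTRY = "+30"      # assumption: E.164 numbers, Greek home network
PRS_PREFIX = "+3090"      # assumption: domestic premium-rate range
BUSINESS_HOURS = (8, 19)  # local hours [start, end) considered normal for the PABX


@dataclass
class CDR:
    ts: datetime
    caller: str
    callee: str
    duration_s: int
    charge: float
    route: str


def parse_cdrs(text):
    """Parse semicolon-separated CDR lines, skipping blanks and '#' comments."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, caller, callee, dur, charge, route = line.split(";")
        records.append(CDR(datetime.fromisoformat(ts), caller, callee,
                           int(dur), float(charge), route))
    return records


def is_prs(number):
    return number.startswith(PRS_PREFIX)


def is_international(number):
    return not number.startswith(HOME_COUNTRY)


def new_subscriber_prs_abuse(cdrs, activations, max_age_days=30, charge_threshold=50.0):
    """Rule 1: PRS spend by subscribers activated within max_age_days.

    Returns {subscriber: (total_prs_charge, prs_calls, distinct_prs_numbers)}
    for each subscriber at or above the spend threshold.
    """
    stats = defaultdict(lambda: {"charge": 0.0, "calls": 0, "numbers": set()})
    for c in cdrs:
        if c.route != "MOBILE" or not is_prs(c.callee):
            continue
        activated = activations.get(c.caller)
        if activated is None or (c.ts - activated).days > max_age_days:
            continue  # unknown or mature account: not this rule's concern
        s = stats[c.caller]
        s["charge"] += c.charge
        s["calls"] += 1
        s["numbers"].add(c.callee)
    return {sub: (round(s["charge"], 2), s["calls"], len(s["numbers"]))
            for sub, s in stats.items() if s["charge"] >= charge_threshold}


def pabx_offhours_international(cdrs, business_hours=BUSINESS_HOURS):
    """Rule 2: international calls leaving the PABX at night or at weekends."""
    start, end = business_hours
    hits = []
    for c in cdrs:
        if c.route != "PABX" or not is_international(c.callee):
            continue
        if c.ts.weekday() >= 5 or not (start <= c.ts.hour < end):
            hits.append(c)
    return hits


def run_checks(text=SAMPLE_CDRS, activations=ACTIVATIONS):
    cdrs = parse_cdrs(text)
    return {
        "new_subscriber_prs": new_subscriber_prs_abuse(cdrs, activations),
        "pabx_offhours_intl": pabx_offhours_international(cdrs),
    }


if __name__ == "__main__":
    for rule, result in run_checks().items():
        print(rule, result)
```

On the constructed records only the day-old SIM with 60.00 of premium-rate charges and the 02:30 international call from the PABX are raised; the long-standing customer's single PRS call and the night-time domestic call are left alone. Real deployments tune the thresholds per tariff plan and add the cross-checks the deck implies, such as matching a new subscription against the identity documents presented at sign-up.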