Business Fraud – Presented by Robert J. Rebhan, Financial Crimes Expert
Posted on 15-Dec-2015
Business Fraud
Presented by Robert J. Rebhan
Financial Crimes Expert

Inside Out Vulnerabilities
Exploiting Trust

President Obama: “I want a kill switch for the Internet.”
Richard Skinner: “We can’t protect secrets.”
Federal Trade Commission: “Shut down access to any system that has been infected by virus or malware.”

Malware
Botnets
DDoS (Distributed Denial of Service) Attacks

Botnets
10,000 Bot Servers
Bot Herders – use exploits
Bot Wars
Underground Economy

Botnets
What else can Botnets do with control?
– Send Spam
– Store Images & Data on PCs & Servers
– Attack Your Financials

Keystroke Capture
Man-in-the-End-Point Attacks
Man-in-the-Middle Attacks
Trend: Hit Small to Mid-Size Businesses

Case Study: Rubbermaid, Atlanta, Georgia
Loss: $150,000.00 Systems Repair
Suspect: Bob Bentley – 17-year-old Floridian
Method: Exploited Server Vulnerability

Case Study: Hillary Machinery, Houston, Texas
Loss: $600,000.00
Suspects: Russians, Estonians and other East Europeans
Method: Cyber Thieves wire transferred funds to American accounts
Bank’s Position: Their security is commercially reasonable

Case Study: Experi-Metal, Sterling Heights, Michigan
Loss: 1.9 Million
Suspects: Russians, Estonians and other East Europeans
Method: Cyber Thieves monitored legitimate email and later “spoofed” a demand to renew EMI’s digital certificates
Bank’s Position: Their security is commercially reasonable

So How Do Cyber Criminals Do It?
Drive-By Downloads
Spoofing & Teasing
Note: 15-20% of home and business systems are now in the hands of cyber criminals
Note: 90% of web threats come from trusted sites
Best Practices for Protecting Your System and Assets
Hire a Competent Tech Guy
Update Systems Regularly
Disable USB Ports
Stop Employees From Risky Behavior
Monitor Bank Accounts Regularly by Telephone
Train Staff
Separate Systems
Regulate Personal Devices on Property
– Create Personal Use Computer for Employees (Workstation)
  For Personal Emails
  For browsing the Internet without risk

Corporate Incident Response
The Team:
– Executives
– Risk Manager
– Legal
– HR
– IT Manager
– Chief Information Officer
– Marketing Officer (Press Release)
Start a Log
Notify the Feds
Checking Accounts
Inside-Out Attacks
– Cyber
– Local Criminal
– Employee Embezzlement

Criminals have . . .
Altered Checks
Counterfeited Checks
Stolen Blanks

Employees have . . .
Written Checks to Phantom Employees
Received Kickbacks on Vendor Overpays
Altered Returned Checks

When Reordering, or Opening New Accts:
Use Initials (Gender Mysterious)
P. O. Box
Remove SSN, B.D., Phone, Etc.
Pick up Checks at the Bank
Upgrade to Safe Checks

When Hand Writing a Check (At Home or in Business):
Use Gel Ink 9 or Uniball 207 (Never Felt Tip)
Perfect Signatures
No Spaces Between Text and Digits
Only Use to Pay a Reputable Entity
Check Balance Frequently by Telephone

Suggestions:
Remote Deposit Capture – Reject It! (Vulnerabilities)
Stop Pay Shelf Life
Use Laser Printer For Text
Watch Your Ink Temperatures – Cool vs. Hot
Print Text in Size 14 Font
Test Checks used to Verify the Accuracy of Your Printer Should be Voided and Shredded Immediately
– Keep in mind copiers and PDAs have memory
Keep Check Stock Locked in a Vault or Other Secure Location
– If a forger gets blank stock, you can be held liable even with Pos Pay and blank stock
Have Bank Statements Mailed to a Secure Location
– Home
Separate Tasks:
– Do not allow the person who prints or writes the checks to reconcile the account
Closed Accounts . . .
– Can be reactivated by simply depositing a discarded check
– Solution: Shred the old checks
Employee Background Checks on Accounting & Mailroom Staff and Anyone Handling Increased Corp. Responsibility
Mailroom Procedures and Personnel should be Monitored (Charity)
Use Positive Pay
Set Up Wire Transfers – “Deposit Only”
Move Funds to Secure Accounts Not Linked to Web
Report Break-Ins Immediately
Monitor Accounts Daily

Checks
Security Features:
Dissolving Ink
Chemical Sensitive Paper
Micro Printing
Thermochromatic Ink
Expiration Date
Toner Anchor
Warning Band
Pantographs, Holograms, Watermarks, etc.
Employee
Embezzlement Prevention Starts With . . .
If you like mysteries, read one; don’t hire one

New Hire Application Research:
Get Waiver
Search Social Networking Sites
Background Checks – Criminal & Civil
Phone All References
Solicit Explanation of Anomalies

Once Hired . . .
Notice – Handbook Customized for Position
Monitor
Verify
Audit

Quick Tips For Safer Financials
Tell your staff about “social engineering.” This method of gleaning confidential information about staff, systems, and operations can occur by phone, in person, or computer phishing.
Clean Desk Policy
Lock All Files
Restrict Cleaning Crew Access
Record Copier Counter Number
Shred all discarded confidential information, including all invoices and statements. For ID thieves, office trash bags and bins are favored hunting grounds.

Radio Frequency I.D.
R.F.I.D. – Radio Frequency Identification
Active Devices
Passive Devices
The technology permits issuing every object on the planet a unique identification number

R.F.I.D. – Size
Seed
Wafer
Ticks

R.F.I.D. – Can Be Found In
Credit Cards “Blink”
Speed Pass
Library Books
Passports
Store Merchandise
Tires
Animals
– Livestock
– Fish
– Horses
– Pets
Humans
– Medical
– Secure Location Access

R.F.I.D. – Applications
Inventory Control
Identifying Lost Pets
Security Access
Toll Road Billing
Spying

R.F.I.D. – The Downside
A hacker can make a reader for $20.00
A bomb can be rigged to go off when a certain person goes by
Individual rights can be abused by tracking a person’s movement
It has been broken by hackers
ATM Security
ATM Overlay
Bank PIN Pad

Resources
What to Read:
2600 magazine
RSS feeds
What to Listen to:
The Tech Guy – Leo Laporte
Kim Komando
Develop Relationships With:
Local Law Enforcement
Feds
What to Join:
InfraGard
IAFCI
Create a Position:
Asset Protection
Info Tech Assistant – Employee or Kin

Robert J. Rebhan
Financial Crimes Expert
Founder, IPFC – Institute for the Prevention of Financial Crimes
www.ipfc.us
www.robertrebhan.com
(818) 991-4546