Upload File

phone fraud threats to government

27
2015 Pindrop Security. Confidential. PHONE FRAUD THREATS TO GOVERNMENT Matt Garland Vice President of Research Pindrop Security September 2, 2015

Upload: pindrop

Post on 13-Apr-2017

274 views

Category:

Government & Nonprofit


0 download

Report

TRANSCRIPT

Page 1: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.

PHONE FRAUD THREATS TO GOVERNMENTMatt GarlandVice President of ResearchPindrop SecuritySeptember 2, 2015

Page 2: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.

NOTE

These slides are from a webinar held October 7,

2015.

You may view a recording of the webinar at

www.pindropsecurity.com/webcast-archive

http://www.pindropsecurity.com/webcast-archive
http://www.pindropsecurity.com/webcast-archive
Page 3: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.2015 Pindrop Security™. Confidential.

Physical PhoneOnline

THE WEAKEST LINK

1995 2010

Page 4: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.

PHONE VULNERABILITIES

Page 5: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.

CUSTOMER SERVICE REPRESENTATIVES

• Human Element• Social Engineering• Customer Experience

Page 6: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.

KNOWLEDGE BASED AUTHENTICATION

• Social Media• Previous Data Breaches

• Online Black Markets• Failure Rates

Page 7: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.

CALLER ID / ANI

• No longer reliable• Spoofing

Page 8: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.

CROSS CHANNEL

• Online • Phone• Physical

Page 9: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.

WHAT IS AT RISK

Page 10: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.2015 Pindrop Security™. Confidential.

CITIZEN DATA

Page 11: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.2015 Pindrop Security™. Confidential.

CITIZEN DATA

$11$30

$500 $0.50

Page 12: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.

GOVERNMENT DATA

• Classified & Unclassified Information

• Internal Statistics• State Secrets

Page 13: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.

PUBLIC SAFETY

• Immigration• National Defense• Funding Terrorism

Page 14: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.

ABUSE OF RESOURCES

• Emergency Services

Page 15: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.2015 Pindrop Security™. Confidential.

FRAUD LOSS

$7.6 millionfraud exposure

$0.57average

fraud lossper call

Page 16: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.2015 Pindrop Security™. Confidential.

FRAUD CALL RATES

Avg. Call Cen-ter

Banks Brokerages Credit Card Retail

1 in 22001 in 2650

1 in 3000

1 in 900

1 in 1000

Page 17: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.

PHONE CHANNEL ATTACKS

Page 18: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.

PHONE FRAUD STEPS

Reconnaissance Account Takeover Monetize the Attack

Page 19: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.

RECONNAISSANCE

• Identify policy holders• Determine policy value• Collect KBA answers

Page 20: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.

ACCOUNT TAKEOVER

• Change contact information• Reset password• Setup online account

Page 21: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.

MONETIZING ATTACKS

• Payment of Benefits• Tax Refunds• File fraudulent claims

Page 22: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.

CROSS INDUSTRY ATTACKS

Validate SSN in IVR Use SSN to get tax transcripts

Target high income individual bank accounts

Page 23: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.

DEFENDING THE PHONE CHANNEL

Page 24: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.2015 Pindrop Security™. Confidential.

LOSS• Packet loss • Robotization • Dropped frames

SPECTRUM• Quantization • Frequency filters• Codec artifacts

NOISE• Clarity• Correlation • Signal-to-noise ratio

147 audio features

UniquePhone

Geo-Location Risk Factors

PHONEPRINTING™

Phoneprint™

Call AudioRequires 15 seconds

of call audio

Risk Score

Call Type

Page 25: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.2015 Pindrop Security™. Confidential.

HOW AGENCIES CAN USE PINDROP

Detect Phone Fraud Forensic Investigation Regulation

Page 26: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.2015 Pindrop Security™. Confidential.

CONCLUSION

• The phone channel is the “weakest link” in protecting citizens and government data

• Sophisticated criminals use the phone channel for reconnaissance, account takeover, and cross-industry attacks

• Best Practice• Use PhoneprintingTM to detect phone fraud and investigate attacks

Page 27: Phone Fraud Threats to Government

2015 Pindrop Security™. Confidential.

PINDROP SECURITYPhone Fraud Stops Here.

For more information contact [email protected]


ELIMINATING PAY PHONE TOLL FRAUD AT THE PORT …...Eliminating Pay Phone Toll Fraud at the Port Authority 95 personal identification numbers (PINs) linked with their commissary accounts,

ECOMMERCE FRAUD TRENDS 2020 · 2019-10-22 · ECOMMERCE FRAUD TRENDS 2020 13 leading eCommerce fraud prevention solutions tell you the threats you need to prepare for in the coming

Online Fraud: Threats & Trends - IBM › ru › events › presentations › cloud13 › 04...Fraud as a Service Create A New Account Selling bank accounts packages: •Bank account

OVER THE PHONE CREDIT CARD FRAUD - Ivrnet

CDYNE Phone Notify! Web Service · Phone Notify! is part of CDYNE‟s suite of fraud detection products that includes Postal Address Verification, Phone Verification, Email Verification,

Lifecycle of a Phone Fraudster: Exposing Fraud … of a Phone Fraudster: Exposing Fraud Activity from Account Reconnaissance to Takeover using Graph Analysis and Acoustical Anomalies

Food Fraud - Threats & Impacts

Experiences in Mobile Phone Fraud

2009:046 MASTER'S THESIS Information Security Threats Against …1015901/FULLTEXT01.pdf · 2016-10-04 · Information Security Threats against Mobile Phone Services (Developer’s

2020 Payment Threats and Fraud Trends · 2020. 12. 7. · Report 2020 Payment Threats and Fraud Trends 2 / 64 EPC244-20 Version 1.0 Date issued: 4/11/2020 Abstract This new edition

Payment Fraud Disruption...Payment Fraud Disruption Webinar: Threats from Website Add-ons and E-commerce Trends Stoddard Lambertson & Sam Cleveland Payment Fraud Disruption September

The new threats from cyber related fraud?

The Digital Battleground - Protecting the Customer Experience in the midst of rising fraud threats

Phone Fraud Detection

ANTI-FRAUD CLIENT BRIEFING 2 · 2020-04-30 · ANTI-FRAUD CLIENT BRIEFING 2 MIAA Anti-Fraud Service 30 April 2020 @MIAANHS MIAA MIAA COVID-19 Fraud Threats & Advice This is MIAA’s

Threats to Independence, Health, and Financial Security Income Security Health Care Financing Consumer Fraud Housing/ Foreclosure Elder Abuse

Mortgage Fraud: New Litigation Threats

Transactional Insurance Fraud Threats

Using the Phone Channel to Detect Money Transfer Fraud

Smart Phone Hacks And Attacks - A Demonstration of Current Threats to Mobile Devices

Online Fraud Trends – Staying Ahead of the Threats

PROTECTING HEALTH CARE PROVIDERS FROM CYBER & FRAUD THREATSschfma.org/PDFs/2017_11_09_Region_V_Webinar.pdf · 11/9/2017 1 PROTECTING HEALTH CARE PROVIDERS FROM CYBER & FRAUD THREATS

SMX East 2015 Protecting Your Brand From Online Fraud, Infringement & Other Emerging Threats

Data Security Breach Notification Laws · crimes (e.g., credit card fraud, phone or utilities fraud, bank fraud, mortgage fraud, employment-related fraud, government documents or

The Top Frauds & Scams · 3. Close all accounts. Phone each company’s fraud division. File a fraud-dispute form ASAP 4. Request a new driver’s license and have a fraud report

Keeping Fraud Detection Software Aligned Title...Title WITE PAPER Keeping Fraud Detection Software Aligned With the Latest Threats Why it matters − and how next-generation software

Mobile Phone Security, Outline GSM Characteristics Interception and Forensics · 2016-09-11 · GSM Theory Threats-Dangers-Fraud Net Monitor GSM Network Codes ... Log in/out alarm,

Countering Cross-Channel Fraud Threats

Revisiting Mobile Advertising Threats with MAdLifewei/papers/ · click fraud and malvertising. We discover that users of click fraud apps are much more likely to experience malvertising

THE DEFINITIVE OVERVIEW OF PAYMENT INDUSTRY FRAUD · PDF fileTHE DEFINITIVE OVERVIEW OF PAYMENT INDUSTRY FRAUD. ... Phone banking fraud 33 ... Fraud-to-turnover for all payment cards

Protecting Your Brand from Online, Fraud, Hijacking, Infringement & Other Threats

Inside Phone Fraud: The Home Depot Breach

Threats to Mobile Phone Users’ Privacy - Memorial University

THE STATE OF PHONE FRAUD 2014-2015 A GLOBAL, … · THE STATE OF PHONE FRAUD 2014-2015 A GLOBAL, CROSS-INDUSTRY THREAT DRAFT DRAFT ... gotten more publicity as scams,

2021 Payments Threats and Fraud Trends Report