Cyber Fraud
Challenges & Solutions
K. K. Mookhey
Principal Consultant
Network Intelligence India Pvt. Ltd.
Agenda
 Ground Reality – Digesting the Hard Facts
   Online Banking Fraud
   The Data Theft Epidemic
   Skimming & ATM Fraud
   Spear Phishing & APT

 Identifying Technology Red Flags

 Technology Fraud Risk Management

 Resources
Online Banking Fraud
Primary fix?
 2-factor or OTP
 User Awareness
The Data Theft Epidemic
What price India?


   Online examples…
Fresh record price = Rs. 75
Converted customer price = Rs. 150
Skimming – Basic & Advanced
THE TRAP




♦ The trap is made of X-ray film, the material thieves prefer simply
   because its black color is similar in appearance to the slot on the
   card reader.
Placing the TRAP




♦ The trap is then inserted into the ATM slot. Care is taken not to
   insert the entire film into the slot; the ends are folded and
   contain glue strips for better adhesion to the inner and outer
   surfaces of the slot.
INVISIBLE




♦ Once the ends are firmly glued and fixed to the slot, the trap is
   almost impossible for unsuspecting clients to detect.
How is your card confiscated?




♦ Slits are cut into both sides of the trap. This prevents your card
   from being returned prior to completing your transaction.
Retrieval of Confiscated card.




♦ As soon as the “Customer” has gone, and they have your PIN, the
   thief can remove the glued trap: by grasping the folded tips, he
   simply pulls out the trap that has retained your card.
Advanced skimming - video
Where’s the silver lining?!
Technology Red Flags
 Systems crashing
 Audit trails not available
 Mysterious “system” user IDs
 Weak password controls
 Simultaneous logins
 Across-the-board transactions
 Transactions that violate trends – weekends, excessive
 amounts, repetitive amounts
 Reluctance to take leave or accept input/help
 Reluctance to switch over to a new system
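
As an added example (not from the original slides), the login- and transaction-related red flags above can be turned into simple checks over audit data. The record layouts, thresholds, user IDs, terminal names and sample rows below are all constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime
from itertools import combinations
from statistics import median

# Constructed sample data. Layout (assumed): txn_id, user_id, timestamp, amount
TRANSACTIONS = [
    ("T01", "teller07", "2024-03-04T10:15:00", 12000),
    ("T02", "teller07", "2024-03-05T11:40:00", 9500),
    ("T03", "teller07", "2024-03-06T14:05:00", 11000),
    ("T04", "teller07", "2024-03-07T09:30:00", 250000),
    ("T05", "clerk12", "2024-03-04T16:20:00", 49999),
    ("T06", "clerk12", "2024-03-05T16:25:00", 49999),
    ("T07", "clerk12", "2024-03-06T16:31:00", 49999),
    ("T08", "clerk12", "2024-03-09T22:10:00", 8000),
    ("T09", "sysbatch", "2024-03-10T02:45:00", 30000),
]

# Constructed sample data. Layout (assumed): user_id, terminal, login, logout
SESSIONS = [
    ("teller07", "BR1-PC03", "2024-03-07T09:00:00", "2024-03-07T17:00:00"),
    ("teller07", "BR4-PC11", "2024-03-07T09:20:00", "2024-03-07T09:45:00"),
    ("clerk12", "BR1-PC05", "2024-03-06T09:00:00", "2024-03-06T13:00:00"),
    ("clerk12", "BR1-PC05", "2024-03-06T14:00:00", "2024-03-06T18:00:00"),
]

# Hypothetical HR roster: user IDs that map to a named employee.
ROSTER = {"teller07", "clerk12"}

EXCESSIVE_FACTOR = 5   # assumed: flag amounts above 5x the user's own median
REPEAT_THRESHOLD = 3   # assumed: same amount posted 3+ times by one user


def unknown_user_ids(txns, roster):
    """'Mysterious system user IDs': IDs posting entries with no owner on the roster."""
    return sorted({user for _, user, _, _ in txns} - set(roster))


def simultaneous_logins(sessions):
    """Users with overlapping sessions on two different terminals."""
    by_user = defaultdict(list)
    for user, terminal, start, end in sessions:
        by_user[user].append(
            (datetime.fromisoformat(start), datetime.fromisoformat(end), terminal)
        )
    flagged = set()
    for user, spans in by_user.items():
        for (s1, e1, t1), (s2, e2, t2) in combinations(spans, 2):
            if t1 != t2 and s1 < e2 and s2 < e1:
                flagged.add(user)
    return sorted(flagged)


def weekend_transactions(txns):
    """Transactions posted on Saturday (5) or Sunday (6)."""
    return [t[0] for t in txns if datetime.fromisoformat(t[2]).weekday() >= 5]


def excessive_amounts(txns, factor=EXCESSIVE_FACTOR):
    """Transactions far above the posting user's own median amount."""
    amounts = defaultdict(list)
    for _, user, _, amount in txns:
        amounts[user].append(amount)
    baseline = {user: median(vals) for user, vals in amounts.items()}
    return [t[0] for t in txns if t[3] > factor * baseline[t[1]]]


def repetitive_amounts(txns, threshold=REPEAT_THRESHOLD):
    """(user, amount) pairs where one user keeps posting the identical amount."""
    counts = Counter((user, amount) for _, user, _, amount in txns)
    return sorted(pair for pair, n in counts.items() if n >= threshold)


def red_flags(txns=TRANSACTIONS, sessions=SESSIONS, roster=ROSTER):
    """Run every check and return the findings keyed by red flag."""
    return {
        "unknown_user_ids": unknown_user_ids(txns, roster),
        "simultaneous_logins": simultaneous_logins(sessions),
        "weekend_transactions": weekend_transactions(txns),
        "excessive_amounts": excessive_amounts(txns),
        "repetitive_amounts": repetitive_amounts(txns),
    }


if __name__ == "__main__":
    for flag, findings in red_flags().items():
        print(f"{flag}: {findings}")
```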
The IIA – IT & Fraud Risks
Fraudulent Financial Reporting

• Unauthorized access to accounting applications —
  Personnel with inappropriate access to the general ledger,
  subsystems, or the financial reporting tool can post fraudulent
  entries.

• Override of system controls — General computer controls
  include restricted system access, restricted application access,
  and program change controls. IT personnel may be able to
  access restricted data or adjust records fraudulently.
The IIA – IT & Fraud Risks
Misappropriation of Assets
• Theft of tangible assets — Individuals who have access to tangible assets
   (e.g., cash, inventory, and fixed assets) and to the accounting systems that
   track and record activity related to those assets can use IT to conceal their
   theft of assets.
• Theft of intangible assets — Given the transition to a services-based,
   knowledge economy, more and more valuable assets of organizations are
   intangibles such as customer lists, business practices, patents, and
   copyrighted material.


Corruption
• Misuse of customer data — Personnel within or outside the organization
   can obtain employee or customer data and use such information to obtain
   credit or for other fraudulent purposes.
Principle 1
• As part of an organization’s governance structure, a fraud risk
  management program should be in place, including a written policy
  to convey the expectations of the board of directors and senior
  management regarding managing fraud risk.

Principle 2
• Fraud risk exposure should be assessed periodically by the
  organization to identify specific potential schemes and events that
  the organization needs to mitigate.

Principle 3
• Prevention techniques to avoid potential key fraud risk events
  should be established, where feasible, to mitigate possible impacts
  on the organization.

Principle 4
• Detection techniques should be established to uncover fraud events
  when preventive measures fail or unmitigated risks are realized.

Principle 5
• A reporting process should be in place to solicit input on potential
  fraud, and a coordinated approach to investigation and corrective
  action should be used to help ensure potential fraud is addressed
  appropriately and timely.
Leveraging Technology
 Data Leakage Prevention
 Email Gateway Filtering
 Security & Controls by Design
 Information Rights Management
 Identity & Access Control Management
 Data Encryption
 Business Intelligence Solutions
 Revenue Assurance & Fraud Management Solutions
 Forensic Investigation Capabilities
Chapter 6 – Cyber Frauds
 Special Committee of the Board to be briefed separately
 Independent Fraud Risk Management Group (FRMG)
 Fraud Review Councils to be set up
 Fraud Vulnerability Assessments
 New products to be reviewed by (FRMG)
 Banks to share details of fraudulent employees
 Transaction monitoring group/system
 Continuous trainings
 Employee awareness and rewarding whistleblowers
 Training institute for financial forensic investigation
 Sharing of fraud management experiences
 State-level Financial Crime Review Committee
 Multi-lateral arrangement amongst banks to deal with online frauds
Resources
 Fraud Risk Management System in Banks
 http://www.rbi.org.in/scripts/NotificationUser.aspx?Id=5273&Mode=0

 IIA – Fraud Prevention and Detection in an Automated World
 http://www.theiia.org/guidance/technology/gtag13/
Thank you!
Questions?
kkmookhey@niiconsulting.com

Information Security Consulting Services
Information Security Training Services

Cyber fraud in banks

  • 1. Cyber Fraud Challenges & Solutions K. K. Mookhey Principal Consultant Network Intelligence India Pvt. Ltd.
  • 2. Agenda Ground Reality – Digesting the Hard Facts Online Banking Fraud The Data Theft Epidemic Skimming & ATM Fraud Spear Phishing & APT Identifying Technology Red Flags Technology Fraud Risk Management Resources
  • 4. Primary fix? 2-factor Or OTP User Awareness
  • 13. The Data Theft Epidemic
  • 18. What price India? Online examples…
  • 19. Fresh record price = Rs. 75 Converted customer price = Rs. 150
  • 20. Skimming – Basic & Advanced
  • 21. THE TRAP ♦ The trap is made of X-ray film, the material thieves prefer simply because its black color looks similar to the slot on the card reader.
  • 22. Placing the TRAP ♦ The trap is then inserted into the ATM slot. Care is taken not to insert the entire film into the slot; the ends are folded and carry glue strips for better adhesion to the inner and outer surfaces of the slot.
  • 23. INVISIBLE ♦ Once the ends are firmly glued and fixed to the slot, the trap is almost impossible for unsuspecting clients to detect.
  • 24. How is your card confiscated? ♦ Slits are cut into both sides of the trap. This prevents your card from being returned prior to completing your transaction.
  • 25. Retrieval of Confiscated card. ♦ As soon as the “Customer” has gone, and they have your PIN, the thief can remove the glued trap: grasping the folded tips, he simply pulls out the trap that has retained your card.
  • 28. Technology Red Flags
      • Systems crashing
      • Audit trails not available
      • Mysterious “system” user IDs
      • Weak password controls
      • Simultaneous logins
      • Across-the-board transactions
      • Transactions that violate trends – weekends, excessive amounts, repetitive amounts
      • Reluctance to take leave or accept input/help
      • Reluctance to switch over to a new system
  • 29. The IIA – IT & Fraud Risks: Fraudulent Financial Reporting
      • Unauthorized access to accounting applications — Personnel with inappropriate access to the general ledger, subsystems, or the financial reporting tool can post fraudulent entries.
      • Override of system controls — General computer controls include restricted system access, restricted application access, and program change controls. IT personnel may be able to access restricted data or adjust records fraudulently.
  • 30. The IIA – IT & Fraud Risks: Misappropriation of Assets
      • Theft of tangible assets — Individuals who have access to tangible assets (e.g., cash, inventory, and fixed assets) and to the accounting systems that track and record activity related to those assets can use IT to conceal their theft of assets.
      • Theft of intangible assets — Given the transition to a services-based, knowledge economy, more and more valuable assets of organizations are intangibles such as customer lists, business practices, patents, and copyrighted material.
    Corruption
      • Misuse of customer data — Personnel within or outside the organization can obtain employee or customer data and use such information to obtain credit or for other fraudulent purposes.
  • 31.
      • Principle 1: As part of an organization’s governance structure, a fraud risk management program should be in place, including a written policy to convey the expectations of the board of directors and senior management regarding managing fraud risk.
      • Principle 2: Fraud risk exposure should be assessed periodically by the organization to identify specific potential schemes and events that the organization needs to mitigate.
      • Principle 3: Prevention techniques to avoid potential key fraud risk events should be established, where feasible, to mitigate possible impacts on the organization.
      • Principle 4: Detection techniques should be established to uncover fraud events when preventive measures fail or unmitigated risks are realized.
      • Principle 5: A reporting process should be in place to solicit input on potential fraud, and a coordinated approach to investigation and corrective action should be used to help ensure potential fraud is addressed appropriately and timely.
  • 32. Leveraging Technology
      • Data Leakage Prevention
      • Email Gateway Filtering
      • Security & Controls by Design
      • Information Rights Management
      • Identity & Access Control Management
      • Data Encryption
      • Business Intelligence Solutions
      • Revenue Assurance & Fraud Management Solutions
      • Forensic Investigation Capabilities
  • 33. Chapter 6 – Cyber Frauds
      • Special Committee of the Board to be briefed separately
      • Independent Fraud Risk Management Group (FRMG)
      • Fraud Review Councils to be set up
      • Fraud Vulnerability Assessments
      • New products to be reviewed by (FRMG)
      • Banks to share details of fraudulent employees
      • Transaction monitoring group/system
      • Continuous trainings
      • Employee awareness and rewarding whistleblowers
      • Training institute for financial forensic investigation
      • Sharing of fraud management experiences
      • State-level Financial Crime Review Committee
      • Multi-lateral arrangement amongst banks to deal with online frauds
  • 34. Resources
      • Fraud Risk Management System in Banks: http://www.rbi.org.in/scripts/NotificationUser.aspx?Id=5273&Mode=0
      • IIA – Fraud Prevention and Detection in an Automated World: http://www.theiia.org/guidance/technology/gtag13/
  • 35. Thank you! Questions? kkmookhey@niiconsulting.com
      • Information Security Training Services
      • Information Security Consulting Services
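
Two of the Technology Red Flags on slide 28, "simultaneous logins" and "transactions that violate trends – weekends, excessive amounts, repetitive amounts", can be checked mechanically against transaction and session logs. The sketch below is an added example, not part of the original deck; the record layout, user IDs, sample rows and thresholds are all constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime
from itertools import combinations
from statistics import median

# Constructed sample data, not from the deck: (timestamp, user_id, account, amount)
TRANSACTIONS = [
    ("2024-03-04T10:15:00", "teller07", "A-1001", 12000),
    ("2024-03-04T11:02:00", "teller07", "A-1002", 8000),
    ("2024-03-05T09:40:00", "teller12", "A-1003", 15000),
    ("2024-03-05T14:20:00", "sysbatch", "A-2001", 49900),
    ("2024-03-06T14:25:00", "sysbatch", "A-2002", 49900),
    ("2024-03-07T14:31:00", "sysbatch", "A-2003", 49900),
    ("2024-03-09T23:10:00", "teller12", "A-1003", 950000),  # a Saturday
    ("2024-03-06T10:05:00", "teller07", "A-1004", 10000),
]
# Constructed session log: (user_id, terminal, login, logout)
SESSIONS = [
    ("teller07", "BR1-T3", "2024-03-04T09:00:00", "2024-03-04T17:00:00"),
    ("teller12", "BR1-T5", "2024-03-04T09:05:00", "2024-03-04T13:00:00"),
    ("teller12", "BR2-T1", "2024-03-04T12:30:00", "2024-03-04T16:00:00"),
    ("sysbatch", "HO-SRV", "2024-03-04T01:00:00", "2024-03-04T02:00:00"),
]

def flag_transactions(txns, excess_factor=10, repeat_min=3):
    """Map transaction index -> reasons it violates the trend (slide 28)."""
    typical = median(t[3] for t in txns)  # crude baseline; real ones are per account
    repeats = Counter((user, amt) for _, user, _, amt in txns)
    flags = defaultdict(list)
    for i, (ts, user, _, amt) in enumerate(txns):
        if datetime.fromisoformat(ts).weekday() >= 5:  # 5 = Saturday, 6 = Sunday
            flags[i].append("weekend")
        if amt > excess_factor * typical:
            flags[i].append("excessive amount")
        if repeats[(user, amt)] >= repeat_min:
            flags[i].append("repetitive amount")
    return dict(flags)

def simultaneous_logins(sessions):
    """Return user IDs that had overlapping sessions on different terminals."""
    by_user = defaultdict(list)
    for user, term, start, end in sessions:
        by_user[user].append((datetime.fromisoformat(start), datetime.fromisoformat(end), term))
    return sorted(
        user for user, spans in by_user.items()
        if any(s1 < e2 and s2 < e1 and t1 != t2
               for (s1, e1, t1), (s2, e2, t2) in combinations(spans, 2)))
```

A flag here is a reason to pull the audit trail for that user or account, not proof of fraud; the thresholds need tuning against each institution's own transaction history.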