Almost every day we hear of a new retailer that has experienced a data breach, frustrating financial institutions that must then deal with the fallout. 95% of all targeted attacks on enterprises involve some kind of spear-phishing to deliver malware. But what exactly happens to all this data that is stolen? How is it sold, and what is it worth?
Attendees will learn:
• How fraudsters cash in on stolen credentials after a retail breach;
• How rogue mobile apps are emerging as an increasingly effective attack vector;
• How to proactively protect your customers after a breach.
Watch the replay here: http://www.easysol.net/resources-2015-the-year-of-spear-phishing
2. In this presentation we will discuss:
• Common Methods of Payment Card Fraud
• How the Black Market Economy Operates
• Impact of Card Fraud on Financial Institutions
• Protection from Payment Card Fraud
3. Phases of Fraud
Phase 1: Payment Card Theft
Phase 2: Payment Card Sale
Phase 3: Cashing
4. Phase 1: Payment Card Theft
Common Methods:
• Physical Theft (e.g. lost or stolen card)
• Skimming (e.g. ATM or gas pump)
• Malware on consumer computer or mobile device
• Data breaches
  • Malware on point-of-sale device
  • Network compromise
  • Database or web site compromise
Card-not-present fraud
New account fraud
6. Phase 1: Payment Card Theft
Skimming:
Devices are small, compact and easy to get.
Skimmers have been found on ATMs and POS terminals, where they capture card credentials.
http://krebsonsecurity.com/tag/atm-skimmer/
7. Phase 1: Payment Card Theft
Malware on Consumer Computer or Mobile Device:
2015, The Year of Spear Phishing
• All the latest breaches are linked to malware
• Trend of targeting employees
• Attackers harvest information on social networks to customize attacks
• Multi-factor authentication is often not required for employees
8. Phase 1: Payment Card Theft
Malware on Consumer Computer or Mobile Device:
Rogue Mobile Apps Emerge:
• 86% of Android malware was repackaged legitimate apps
• 77% of the top 50 free apps in Google’s Play Store have fake versions elsewhere
• Trend Micro cataloged 890,482 fake apps (59,185 aggressive adware and 394,263 malware)
http://www.zdnet.com/article/android-malwares-dirty-secret-repackaging-of-legit-apps/
http://www.pcworld.com/article/2454980/theres-almost-a-million-fake-apps-targeting-your-phone.html
9. Phase 1: Payment Card Theft
Data Breaches:
Recent breaches have been the result of malware placed on point-of-sale systems. Often the breached organization had been certified as having the appropriate security controls in place.
10. Phase 2: Black Market Sale
The rise of online card shops in recent years provides secure forums for buyers and sellers. Typical shop features:
• Easy Checkout
• Customer Support
• Money Back Guarantee
• Technical Support
11. Phase 2: Black Market Sale
How Much is a Card Worth?
Factors affecting price:
• Validity rate
• Supply & demand
• Issuing region
12. Phase 2: Black Market Sale
How Much is Personal Data Worth?
“A complete identity-theft kit containing comprehensive health insurance credentials can be worth hundreds of dollars or even $1,000 each on the black market, and health insurance credentials alone can fetch $20 each; stolen payment cards, by comparison, typically are sold for $1 each.”
http://www.pwc.com/gx/en/consulting-services/information-security-survey/assets/the-global-state-of-information-security-survey-2015.pdf
13. Phase 3: Cashing
Credit to Gift Card Shell Game
Stolen credit cards are used to charge pre-paid cards, which are then used to purchase store-specific gift cards.
Image Source: http://www.tripwire.com/state-of-security/vulnerability-management/how-stolen-target-credit-cards-are-used-on-the-black-market/
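The shell game above moves value off a stolen card in a recognizable sequence, which is the point at which an issuer can still act. The following Python heuristic is an added example, not part of the presentation or of any Easy Solutions product: it flags cards showing a burst of prepaid-card loads and gift-card purchases inside a short window. The transaction feed, the category labels (not real MCC codes) and the thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample feed: (card_id, ISO timestamp, merchant_category, amount_usd).
# "card-A" mimics the shell game: two prepaid loads then a gift-card buy in 45 min.
# "card-B" has one load; "card-C" has two cash-out-style buys days apart.
SAMPLE_FEED = [
    ("card-A", "2015-03-01T09:00:00", "grocery",      54.10),
    ("card-A", "2015-03-01T09:20:00", "prepaid_load", 500.00),
    ("card-A", "2015-03-01T09:35:00", "prepaid_load", 500.00),
    ("card-A", "2015-03-01T10:02:00", "gift_card",    250.00),
    ("card-B", "2015-03-01T12:00:00", "prepaid_load", 100.00),
    ("card-C", "2015-03-02T08:00:00", "gift_card",     25.00),
    ("card-C", "2015-03-04T08:00:00", "prepaid_load", 200.00),
]

# Assumed category labels for the two steps of the shell game.
CASHOUT_CATEGORIES = {"prepaid_load", "gift_card"}


def flag_cashout_patterns(feed, window=timedelta(hours=2),
                          min_events=2, min_total=400.0):
    """Return {card_id: largest_total} for cards with at least min_events
    cash-out-style purchases summing to min_total or more inside one window.
    Thresholds are illustrative; tune them against real chargeback history."""
    by_card = defaultdict(list)
    for card_id, ts, category, amount in feed:
        if category in CASHOUT_CATEGORIES:
            by_card[card_id].append((datetime.fromisoformat(ts), amount))

    flagged = {}
    for card_id, events in by_card.items():
        events.sort()  # chronological order so the sliding window is valid
        start = 0
        for end in range(len(events)):
            # Advance the window start until it fits inside `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            count = end - start + 1
            total = sum(amount for _, amount in events[start:end + 1])
            if count >= min_events and total >= min_total:
                flagged[card_id] = max(total, flagged.get(card_id, 0.0))
    return flagged


if __name__ == "__main__":
    for card, total in flag_cashout_patterns(SAMPLE_FEED).items():
        print(f"{card}: ${total:,.2f} in cash-out purchases within 2h")
```

In the constructed feed only card-A is flagged (1,250.00 in three purchases); a lone prepaid load or two buys days apart stays below the threshold.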
14. Impact on Financial Institutions
Of financial institutions in a recent survey were impacted by the Target breach*
*ISMG Faces of Fraud Survey
16. Impact on Financial Institutions
How did these breaches impact your organization or customers?
17. Impact on Financial Institutions
How is a fraud incident typically detected?
“Too often institutions learn of fraud incidents only after their customers notify them.”
18. How to Protect Your Customers
• Be sure to have a plan in place
• Make sure you are covering all bases
• Tackle the problem from beginning to end
• Evaluate current tools and look for constant innovation
• Speed and flexibility are critical when fighting back fraud
• Awareness & Visibility
• Proactive Approach