Download - Telephone fraud Frankfurt October 2014
16-17th October, 2014, Frankfurt
Stay calm and hang up on fraud! A case study about the dynamics of telephone
fraud and how Lithuanian banking industry tackles it
2
These days everyone seems to be afraid of them, right?
3
Another Attack of Cyber Criminals!FEARS are growing for the UKs financial security after cyber thieves hacked into a major European bank's computer, stealing thousands of pounds in savings.
Online criminals have targeted a top European bank, stealing more than £400,000.
The attack, which took place at the beginning of the year, compromised more than 190 personal accounts.
The thieves used a Trojan programme to hide dangerous information inside innocuous-seeming software.
This intercepted data and allowed the criminals to transfer money without the bank or its customers becoming aware.
It appears most of the victims were from Turkey and Italy with some customers losing over €39,000
Details about which bank has been attacked have not been released, or whether any UK customers have had any money stolen.
This latest attack is sure to send shock waves through the banking sector as it proves how vulnerable modern day technology is to attack from criminals.
THE DAILY NEWSwww.dailynews.com THE WORLD’S FAVOURITE NEWSPAPER - Since 1879
4
What is Telephone Fraud?
“It’s me, mother/grandmother! Help me!” fraud
5
Variation 1 > 2010
Not a perfect crime
# Limited gain
# Limited range of potential victims
# Requires physical contact / time
# Difficult to recruit couriers
6
“Hi, I’ve a job for you” fraud
7
Variation 2 ~ 2010
“Hello, I’m a police investigator…” fraud
8
Variation 3 > 2010
Online Banking Facility
9
Password Card
10
Houston, we’ve a problem!
11
# Everyone’s a potential target
# Significantly increases fraudsters’ gains
# No physical contact with the victims / requires less time
# Abundance of money mules
Telephone Fraud Statistics from SEB Bank
12
No. of Victims
Total Loss / LTL
Pay day Loans / LTL
No. of Money Mules
2012 97 428 000,00 144 000,00 89
2013 273 1 467 588,00 252 484,00 340
2014 (IIIQ) 43 192 717,00 37 475,00 48
Total 413 2 088 305,00 433 959,00 477
NB! One EUR = 3,46 LTL
Police Statistics on Telephone Fraud in 2012
# 816 telephone fraud reports
# Estimated loss: 2 782 000,00 LTL
# Cost of investigations: 1 236 000,00 LTL
# Number of confiscated phones in prisons – 7 884
(Source: Lietuvos Rytas , 15th of May, 2013)13
14
95 per cent of fraudulent phone calls originate in Lithuanian prisons
(Source: Respublika, 12 th of March, 2012)
15
16
Profile of a Victim• The majority of victims – 95 per cent - are women • Average age - 55 years old• Average loss – 5 376,00 LTL• Surprisingly, many victims had been aware about
telephone fraud and its modus operandi (Suzuki, K., 2010)
• In addition to financial loss, victims often suffer loss of self esteem, because they blame themselves for having been ‘so stupid’
• The society contributes to this social stigma by labeling victims as gullible or plain stupid (University of Exeter, 2009)
• In other words, it is the victim’s fault or as the old adage has it - ‘A fool and his money are soon parted’
• Additionally, this type of fraud undermines confidence general public has in public and private institutions and erodes sense of security in everyday life (Suzuki, K., 2011)
Stupid cow!How on earthcould I fall for that!?
Anyone can become a victim
17
‘He [the bank manager] spent a long time trying to persuade both of us that this was a scam, and in the end I said that the money was mine and I had a right to it. The bank manager with a sigh said “Yes” and
sent me back to the teller’4th June, 2014, BBC,
19
Profile of a Money Mule
# The average age of a money mule is 28-30 years old
# Often these individuals are unemployed recipients of social benefits from the state
# Most of them know that their involvement facilitates criminal activity
# However, when one bank closes their accounts, they open a new one in another bank and continue to assist telephone fraudsters
The Fake President Fraud
20
Victim
Fraudster 1 Fraudster 2
21
# Lithuanian banks aren’t directly affected since they do not compensate losses to the victims of fraud
# However, since this type of fraud targets users of electronic banking, some customers might stop or be reluctant to use this products, and this might have some impact on the long term plans of the banking industry
# Additionally, fraudsters might start targeting SMEs or invent new and more elaborate fraudulent schemes
# Finally, if the incidence of telephone fraud continues to increase, the regulator might step in and introduce new rules
Implications for the Banking Industry
How do we tackle telephone fraud?
22
23
How do we tackle telephone fraud? (cont’d)
# Training staff to identify customers who are at higher risks, so they could provide customers with relevant advise on risk mitigation techniques
# Advising staff on how to identify potential money mules# Raising customers awareness through communication campaigns in
the news media, etc.# Reduction of daily transfer limits for customers who do not want to
replace password cards with TAN generators# Employing an internally developed monitoring software that detects and
suspends suspicious transactions# Addressing this issue to various stakeholders – police, prosecutor’s
office, Ministry of Justice, department of prisons, telecommunication companies, etc.
# In addition, telecommunication companies have started to proactively block pre-paid GSM cards allegedly being used in fraudulent activities
Is the State Liable for Damages of Telephone Fraud?
24
Remaining Challenges# Banks are reluctant to exchange fraud statistics# Banks do not exchange data on fraudsters and money mules# Banking legislation doesn’t provide clear guidance on how banks
should tackle fraud # Police do not compile comprehensive statistics on telephone
fraud# ‘It’s your own fault’ attitude is still prevalent towards victims of
telephone fraud# Co-operation between stakeholders could be improved# Fraudsters are always one or two steps ahead; therefore, they
eventually come up with new variations or target new products/channels (e.g. Germany, Latvia and Estonia (Source: Lietuvos Rytas, 5th of August, 2013)
25
Cross -border Crime
26
27
Variations of Telephone Fraud in Other Countries
Courier Fraud (UK) Ore-Ore Sagi / Furikome Fraud (Japan)
Variations of Telephone Fraud in Other Countries (cont’d)
28Voice Phishing Fraud (South Korea) Tелефонные Mошенники (Russia)
29
If this particular type of fraud is of further interest:
• Use Google to find out more variations around the world:– Voice Phishing (South Korea)– Virtual Kidnapping / Telephone Extortion (South America)– Courier Fraud / Vishing (United Kingdom)– Ore-ore Sagi / Furikome Fraud (Japan)– Jamaican Lottery (USA)– Telefon Betrug / Schockanrufen (Germany)– Tелефонные Mошенники (Russia)– Faux Neveu / Faux président (France, Switzerland)– Metoda Accidentul (Romania)– Grandparents Scam (North America)– And many many more…
30
Thank you for your attention!
If you’re interested in this topic, you’re welcome to get in touch with me through
32