Cynthia Hetherington

HetheringtonGroup.com

Effectively Using Social Networks

and Social Media in Fraud

Examinations

Taking the Internet as a Resource to the Next Level

1

Introduction

The Internet used to be the domain of a very

select group of users.

The World Wide Web changed all that.

However, a participant still needed the talent,

software, or funds to share his material online.

Then Web 2.0 arrived.

2

Web 2.0

Web 2.0 is the second generation of Web

development and design.

The underpinning of Web 2.0 is XML.

XML tagging—unlike its predecessor, HTML—

is consistently used throughout all developing

projects.

XML appears seamless to users.

3

Common Web 2.0 Uses

Blogs Blogs are one of the most popular

features in the Web 2.0 environment.

Some blogs are maintained by

organizations or individuals to provide

information and news about one primary

topic, but others essentially serve as

public dairies for their creators.

4

Common Web 2.0 Uses

Blogs

In addition to text, bloggers can post

photographs, drawings, videos, and

audio clips online. They can link to other

blogs or repost items of interest they

found online.

5

Common Web 2.0 Uses

RSS Feeds Used to post and share information that

is updated often, such as news or blogs.

It packages the data in a standard format

and sends it to feed subscribers.

It is a quick and easy way for individuals

to receive timely updates about topics

they follow.

6

Common Web 2.0 Uses

Web Apps A Web app is a software application

accessed via a Web browser over a

network such as the Internet or an

intranet.

Apps are popular due to the convenience

of using a Web browser as a host.

7

Common Web 2.0 Uses

Wikis A wiki is an online encyclopedia where

the users are in control of the content

that is written for a subject.

Internal wikis have been popular on

company intranets over the past few

years.

8

Common Web 2.0 Uses

Video sharing Video sharing sites like YouTube have

grown in popularity.

Not only can individuals upload any video

imaginable, but they do not have to host

a large file and address the bandwidth

constraints.

9

Common Web 2.0 Uses

Social networking The most noticeable Web 2.0 application is

social networking, which has brought the

masses to the Internet.

For free, users can create an account, and the

network automatically introduces them to others

with the same background or interests.

The opportunity for fraud in the Web 2.0 world is

boundless.

10

Fraud in This Environment

Merchant sites can be created to look authentic,

and yet will re-route the purchaser to a fraudulent

receiver, as in phishing.

Reputations of people and companies can be

attacked by anonymous posters who have a

vendetta against the person or organization.

Cyber-bullying is easy.

11

Fraud in This Environment

The ease of being able to post private information

means companies are losing intelligence,

confidential items, and future strategies by

employees who inadvertently post their daily

work activities.

False information can be posted by competitors.

12

Fraud in This Environment

Blogs and social networks can be created

completely anonymously by a nefarious

computer-savvy person, from anywhere on the

planet, and made to look like they came from

next door.

Anyone can become an authority on a topic they

choose to champion, and there is no vetting

process to authenticate the claims they make.

13

Public Information

Business profile

Academic history

Business connections

Personal affiliations

Hobbies

Sports teams

Opinions

Work schedule

14

Public Information

Intellectual property

Political and charitable

causes

Photos of yourself, your

family, and friends

Videos inside facilities

Illnesses

Travel schedule

15

Public Information

Caffeine or no?

Updates on family events

Drug habits

Height, weight, gender

Sexual preferences

Where you are and what you are

doing every minute of the day!

16

Finding Subjects on Social Networks

Use the search boxes on social networking sites.

Search by name, phone number, or e-mail

address.

Know the difference between private and public

profiles.

Try to connect with your subject online.

17

Families and Facebook

“As a long-serving diplomat

and ambassador, his family

have been involved in his

line of business for

decades. I would have

hoped they would have

been much more sensitive

to potential security

compromises like this.”

Wife blows MI6 chief’s cover on Facebook —

Times Online

18

No One Seems Concerned

Children are posting Predators

Business professionals are posting Competitors and bosses are watching

Everyone’s posting Reality TV meet reality blogger

Some examples of over exposure!

19

Blogs Aren’t Just for Kids!

Who needs Dr. Phil when you can blog it?

Blog: I miss my husband http://tonya28.blog.com/

Jason and Tonya (bd:1-23)

Married circa Jan 16, 1996

Army vet, Korea station

Computer skills, landed and lost many jobs

Most recent job was stocking groceries, 3rd shift at Wal-

Mart

20

The Weakest Link

Vincent: “Make everyday the best day of your entire life!!!!”

Male, 24 years old

Clifton, New Jersey

Works for large German manufacturing company

Former Marine

Are those network schematics?

21

Hello?

Employed by:

Large German manufacturing

company

Passaic, New Jersey, US

Computer Programmer

01/04 to CURRENT

CENSORED

22

Meet Peter from Happy Family

Company Male, 22 years old

Los Angeles, CA

HFC Feature Animation

Burbank, California, US

Programmer, Editorial/Post-Production Technical Department

Lawrence Livermore National Laboratory

Livermore, CA, US

Computer Programmer Intern, Defense Nuclear Technology

Peter’s packing!

23

Some Others?

George Sodini Ranted for two years about his lack of luck

with the ladies from his gym, and how he

was going to enact retribution.

Nidal Hasan Complained about serving his country.

24