Kaspersky Fraud Prevention: Digital Banking
© 2015 Kaspersky Lab. All rights reserved.
ONLINE BANKING THREATS
Alexander Ermakovich
TYPICAL PHISHING ATTACK
FAKE
MAN IN THE BROWSER
Customer makes the transfer but malware changes destination and amount
Website seen by Bank
Website seen by Customer
MOBILE FAKE APPLICATIONS
SECOND FACTOR STEALING FINAL STEP
Zeus-infected PC
1. Phone number entered
2. SMS “Security Update”
3. ZitMo
4. Legit SMS now forwarded to Fraud Phone
Account Takeover
An account takeover can happen when a fraudster or computer criminal poses as a genuine customer, gains control of an account and then makes unauthorized transactions.
Transaction Tampering
Illegitimate financial transactions by means of changing transaction details, or creating a new transaction on behalf of the customer.
THE PROBLEMS
TYPICAL ATO ATTACK
Phase 1
Phase 2
Phase 3
Sell Credentials
Data Breach
Man-in-the-middle
Social Engineering
Phishing, SMiShing
Steal user credentials
Validation
Attack
Surveillance
Malware
Brute Force
Bots
MANAGEMENT & PROTECTION
KASPERSKY FRAUD PREVENTION PLATFORM
Clientless Engine
USER PROTECTION
Endpoints & Mobile
SECURITY INTELLIGENCE SERVICES
Kaspersky Security Network
WHY KASPERSKY?
FAST DELIVERY
HAPPY END