Download pptx - Cybercrime Threat Landscape: Cyber Criminals Never Sleep

Cybercrime Threat Landscape: Cyber Criminals Never Sleep

Etay MaorSenior Fraud Prevention Strategist

© IBM Trusteer, 2014

Security Silos FAIL!

© IBM Trusteer, 2014 3

Holistic Approach for Cybercrime

WWW

Phishing and Malware Fraud

Advanced Threats (Employees)

Online/Mobile Banking

Money, Intellectual Property, Business Data

Account Takeover, New Account Fraud

Mobile Fraud Risk

Phishing

4


New C&Cs for Phishing


Targeting Security Solutions:

External and Perimeter Anti virus Sandbox VMs

Login Credential protection and encryption OTP SMS Device ID

Internal Behavior anomaly detection Clickstream analysis


Malware Protection

Malware Protection - Outsource


Device Forging


Bypassing Device ID

Notification

LoginInjection


Bypassing Device ID

RDP

Transaction


Behavior and Device ID Tricks

The data source: Large European bank 3 weeks worth of data 1.5M accounts reviewed 10M login attempts

Fraudsters know behavioral profiling is in action Fraud does not happen on the first login

30% of the users come from a mobile device Confirmed fraud coming from the mobile channel. WHY?

New Mobile Threats

13


How Times Have Changed…


Overlay Mobile Attack


Overlay Mobile Attack


Mobile Ransomware

Cybercrime Services

18



A Page From a CT Book – Sounds Familiar?


Building a Solution

Advanced Fraud

Prevention

Real Time Intelligence• Integrated: fully

integrated to leverage threat data across channels

• Global: identify threats any time, anywhere for all channels

Seamless Experience• Transparent: minimize

“action items” to user• Automated: minimize

“action items” to staff

Accurate Analysis• Focused: root cause• Impactful: prevent,

detect, mitigate and remediate

Adaptive Controls• Intelligent: build with

the “unknowns” • Dynamic: rapidly

updatable software


And Always Remember – Security is in YOUR Hands





Thank You