TAMIL TIGER CREDIT CARD SCAM
MBA 649
Presented by –Ankit Verma – (10110)
Ankan Bansal – (10327095)Atul Kumar Sinha – (10327171)
Himanish - ( 12125024 )Pramod - ( 12125035 )
The case 28 ATM cards seized from Tamil Tiger agent in
Chennai Withdrew over Rs. 30 lakh Amount sent to UK Caught red-handed: civilian informed police Partner of LTTE’s Thamilini, a cash and carry grocery
shop in London Registration books of two cars, a cell phone and
passport also recovered 2012
Not an isolated incident... LTTE accused of masterminding credit card scam in
UK - 200 petrol pumps hit - 5000 cards cloned - 2007 Stolen credit card numbers used to steal $250,000 in
New York - 2007 Cloning cards to fund armed campaigns in Sri Lanka Credit card frauds amounted to £ 535m in UK in 2007 In 2009, 130 million credit and debit cards stolen
from Heartland Payment Systems, retailers 7-Eleven and Hannaford Brothers
2013 - Target Corporation exposed data from about 40 million credit cards
Digging deeper...How did they achieve this scam – Card cloning Skimming - copying the data held in the
magnetic strip during an otherwise legitimate transaction
Cloning device is concealed in the payment/ATM machine itself
Phishing Data breaches
Need for Cyber Security Electronic methods being used more and more Frauds affect consumer confidence in
electronic payment systems Damage to brands Identity theft - could lead to personal damage Not limited to plastic money “Cyber Crime” - $100 billion in US annually
Existing laws and measures
Many laws exist to prevent cyber crimes including laws against credit card fraud
In the US, federal law limits the liability of card holders to $50 in the event of theft of the actual credit card, regardless of the amount charged on the card
IT Act of India 2000 - Amendments in 2006 and 2008 Merchants and card issuers should also take certain
measures PAN truncation - xxxxxxx9129 Tokenization Authentication with PIN Strong authentication
Analysis Police doesn’t have proper IT skills and
training to probe such cases Collaboration with foreign police is not present
in most cases Database of such cyber crimes and criminals is
difficult to maintain Immediate alert system is lacking
Recommendation for defence
Build proper infrastructure to encounter these issues
Give emphasis on quality recruitment and training in dealing with cyber crimes
Collaboration and information sharing with respective authorities in different countries
Maintain database of such cyber crimes and criminals
Stringent Laws and precise definition of cyber crimes
Recommendation for Banking authorities
Design multi level security for highly sensible data
Immediate alert system for every transaction should be made mandatory
Fraud detection analytics for early detection and prevention of such cases
Better encryption techniques during data storage and maintenance
Self Awareness is important
The case information came from a civilian who noticed a cautious act of a smuggler.
Even we, individual can give alarm to prevent unethical behavior.
It serves as a warning for us to be more careful about important things especially in matters of money.
THANK YOU