*Financial Fraud In Cyber Space

Question 1

➢ estimates Identity Theft generates 1 B (USD) per year globally.

➢Automated Teller Machine (ATM) Fraud (Philippines)

INTRODUCTION:

Bangko Sentral ng Pilipinas (BSP) confirmed 220 million pesos lost in ATM FRAUD

Answer 1

United Nations Office on Drugs and Crime (UNODC)

Question 2

is one of the emerging forms of numerous variances of financial fraud in the Philippines.

➢The “budol-budol” and “dugo-dugo” modus-operandi now has its own online versions.
➢This art of deception find its way in the cyber space. The culprit now finds their victims through email, social media, dating sites, forums and even some fraud websites.

➢Through the social engineering method, the culprit will send email, chat message and text message, claiming to be close relative or friend of the victims who are based abroad and then offer a proposal such as mobile phone load business and the like.

➢Other more technically knowledgeable suspects executed the scheme through the hacked email or social media accounts, making the victims more convinced that the persons behind the transaction were their real relatives or friends.
➢If hacking is not possible a spoofing method then would play its role

Answer 2

Online Financial fraud

Question 3

BANK RELATED FRAUD

Answer 3

ATM Fraud

Credit Card Fraud

Question 4

●Thieves use hidden electronics to steal the personal information stored on your card and record your PIN number to access all that hard-earned cash in your account.
●That’s why skimming takes two separate components to work.
●The first part is the skimmer itself, a card reader placed over the ATM’s real card slot
●The second is a camera which is surreptitiously positioned to capture the PIN. Some use a keypad overlay for this purpose.

Answer 4

ATM SKIMMING

Question 5

This device is overlaid onto an existing ATM machine keypad and allows the ATM machine to function properly while it records the keystrokes

Answer 5

ATM keypad overlay and ATM Card Skimmer

Question 6

August 8, 2016 hacking of Automated Teller Machine (ATM) at Bonifacio High Streets Branch, BGC, Fort Bonifacio, Taguig City.

➢Recovered from the ______ suspect was a key to open the ATM

Answer 6

Hungarian

Question 7

➢ are using a combination of low and high-tech attacks to make ATMS spit out cash.

➢ These attacks first started in 2016, when several banks in ______ discovered empty ATMs with a hole drilled in one of their sides.

Answer 7

Hackers

Europe and Russia

Question 8

➢ATM thieves will drill a small hole, wide of about _____ centimeters (1.5 inches), on the side of the ATM’s PIN (numbers) pad. This hole was right near a crucial ATM component, a 10-pin header.

Answer 8

4

Question 9

Attackers connected and hijacked ATM’s main bus
➢This _______ wasn’t just any connector, but the header for connecting straight to the ATM’s main bus, which interconnected all the other ATM’s components, from the screen to the PIN pad, and from the internal cash store to the ATM dispenser.

Answer 9

10-pin header

Question 10

Attackers took complete control over ATMs
➢ATMs special software and use encryption is very easy to.
➢ATM operations is very easy to understand, which allows to reverse engineer the ATM’s inner workings.
➢There are plenty of ATM programming guides that have leaked online in the past.
➢The only downside of this attack was that crooks needed to carry a ____ with them in order to send commands to the ATM.

Answer 10

laptop

Question 11

Purchases of goods utilizing credit cards that are:
➢counterfeit
➢fictitious
➢altered or forged from different banks
➢Acquired the bank account details
➢skimming devices
➢persons manning the sales at different gas stations
➢boutiques
➢different casinos-hotels and other merchants
On-line transaction:
➢websites
➢international debit card accounts
➢acquired from the Business Processing Outsource (BPO) clientele.
Part of the scam:
➢acquire rooms by online booking
➢sell the room accommodations to players at the Casino for a lower price.

➢ You simply have to type credit card number into www page of the vendor for online transaction
➢ If electronic transactions are not secured the credit card numbers can be stolen by the hackers who can misuse this card by impersonation the credit card owner

Answer 11

Credit card fraud

Question 12

Skimming Device

Answer 12

Card reader and writer.

Question 13

Credit card companies for the most part have moved away from “swipe and signature” credit cards to _________ by this point; the technology known as EMV (Europay, MasterCard, and Visa) which is supposed to provide consumers with an added layer of security

Answer 13

chip and pin cards

Question 14

The cyber criminals had miniaturized the backpack setup into a tiny ____, a cheap and programmable device used by DIY hobbyists.
➢The size of the chip was not larger than the regular security chip used in credit cards. This may increase the thickness of the chip from 0.4mm to 0.7mm, but perfectly feasible when inserted into a PoS system.
-The criminal removed the chip from the original, solder it to the FUN card chip, and fixed both chips back-to-back onto the plastic body of another stolen card.

Answer 14

FUN card chip

Question 15

– E-COMMERCE ACT OF 2000

Section 33. Penalties. - The following Acts, shall be penalized by fine and/or imprisonment,

Answer 15

R.A. 8792

Hacking

Question 16

with refers to unauthorized access into or interference in a computer system/server or information and communication system; or any access in order to corrupt, alter, steal, or destroy using a computer or other similar information and communication devices, without the knowledge and consent of the owner of the computer or information and communications system, including the introduction of computer viruses and the like, resulting in the corruption, destruction, alteration, theft or loss of electronic data messages or electronic documents shall be punished by a minimum fine of One Hundred Thousand pesos (P 100,000.00) and a maximum commensurate to the damage incurred and a mandatory imprisonment of six (6) months to three (3) years;

Answer 16

a) Hacking or crackling

Question 17

In one of the largest cyber heist in the history, hackers ordered the Federal Reserved Bank of New York to transfer $81 Million from Bangladesh Bank to accounts in the Philippines

Answer 17

Bangladesh Bank Heist/ Hacking

Question 18

Its is technique of pulling out confidential information from the bank/financial institutional account holders by deceptive means

Answer 18

Phishing

Actual website
Deceptive website

Question 19

Sale of information regarding of thousand bank accounts holder

Answer 19

Database Selling

Question 20

3. INVESTMENT SCAM

Answer 20

BOILER ROOM/INVESTMENT FRAUD

ONLINE PALUWAGAN

Question 21

Modus Operandi:

➢Suspect get profile of would-be victims online
➢Suspects & victims Communicate online or thru phone call
➢Suspect offers sale of shares of stocks
➢Victim send payment to account number provided by suspects.

Answer 21

BOILER ROOM/INVESTMENT FRAU

Question 22

Modus Operandi

➢Agents of the “paluwagan” business scheme will encourage a person to invest.
➢The ‘investment’ amount will grow as high as 66% the moment a newly- recruited member or investor can recruit more members for the group

Answer 22

Online Paluwagan

Question 23

4. MONEY REMMITTANCE FRAUD

Answer 23

Money Remittance Companies abroad, which are catering Filipino Overseas Worker (OFW) is not spared by the hackers.

➢ In a case of a Philippine based company subsidized Money Remittance Agency abroad, our investigation presumed that hacker already established connections with their remittance system longtime ago.

➢. This is based on the documents provided to the investigator by INTERPOL, which disclosed that fake accounts had been created few years ago, without funds.
These accounts were used to remit money to several persons here in the Philippine through their newly opened bank accounts.

➢Correspondence was sent to the Philippine based Company for their formal complaint to proceed with the investigation but no response has been received yet as of this writing.
➢Another case under investigation by PNP ACG is the money remittance from a foreign branch of a local bank.

➢Using the username and password of the branch manager, the hacker was able to transfer a huge amount of money to another branch in Mindanao.

➢The remittance was withdrawn over the counter and was deposited again to different local bank less the commission of the withdrawer.
➢The branch manager suspected that his credentials were compromised after receiving and opening an email that purportedly a warning message from the FBI.

➢The hard drive of the computer system of the Branch Manager should be subjected for Digital Forensic Examination.

➢The Branch Manager account’s access logs must also be provided by the bank IT Department to prove the alleged illegal access.

Question 24

5. BUSINESS EMAIL COMPROMISE

Answer 24

MAN-IN-THE-MIDDLE
(MITM)

EMAIL SPOOFING

Question 25

➢The modus operandi of the hacking of email account can be associated to the “______” attack.

➢an attacker hijacks communications between two machines, he then sets up his computer to filter the communications between the two compromised accounts, allowing him to view and alter the communications.

Answer 25

Man-in-the-Middle

Question 26

• is the creation of an account (email, social media account, etc.) that looks like the same of the original, which the receiver cannot distinguish at the first instance.
• occurs when a scammer targets an organization and sends personalized emails.

➢Emails may appear to have been sent from a trustworthy source such as an employer or staff member.

➢The scammer’s aim is to convince you that the email requires urgent action for fund transfer taking advantage of the unsuspecting receiver.

Answer 26

Email spoofing

Question 27

occurs when a scammer targets an organization and sends personalized emails.

•Using almost similar email account instruct Company A to pay to a different bank account.

Answer 27

Email Spoofing

Question 28

The group will call an unsuspecting victim in China to introduce themselves as members of the Chinese police.
➢The suspects would then tell the victims that their bank accounts were being used for money laundering and other illegal activities.
➢The syndicate will then tell the victim to transfer their money to a ‘safe account’ that the suspects will provide, to which most of the victims have agreed out of fear of any action by ‘police authorities’ if they refuse to comply

Answer 28

6. TELECOM FRAUD

Through Social Engineering)

Question 29

PNP ACG conducted operation on a group of telecom hackers

• A US telecom company was the victim
• In cooperation with FBI and US Embassy in Manila

Answer 29

TELECOM FRAUD

Through Account Hacking

Question 30

The group allegedly hacked lines for international calls of Globe Telecom and rerouted them to mostly foreigners living in the Philippines, charging them less than half the normal international call rate.

➢The suspects used GSM (Global System of Mobile Communication) an apparatus connected to the computers which have a software capable of rerouting international calls.

___ is an illegal act in the country because it deprives government of unrealized revenues.

➢On the other hand, Telecom is losing huge amount of money because international calls were being charged an rerouted a mere local calls.

Answer 30

INTERNATIONAL SIMPLE RESALE

Question 31

➢Congrats! You’ve won a large sum of money in a foreign lottery (that you never joined)

➢ But you need to send a small “transaction fee”

➢ You may even get a check as proof of your winnings… but the check bounces a large sum of

Answer 31

8. LOTTERY TEXT SCAM

Question 32

Bad guy/gal uses online dating or social networking sites and posts attractive picture
➢Communicates and gains victim’s confidence
➢Then asks for money
➢Travel expenses to meet in person
➢Medical expenses
➢Information about the victim’s significant details such as bank account and credit cards to commit fraud.

Answer 32

9. Romance scam

Question 33

Devising any scheme to defraud, or for obtaining money or property by means of false or fraudulent pretenses, or promises, and using the Internet for the purpose of executing the scheme.”

Answer 33

10. NON-DELIVERY/NON-PAYMENT OF MERCHANDISE