Cybercrime Threat Landscape: Cyber Criminals Never Sleep

6,696 views

Published on

A Glimpse into the Cybercrime Underground

In this session, Trusteer’s senior fraud prevention strategist, Etay Maor, will dive into the latest tools, techniques and threats developed and utilized by cybercriminals. The presentation will include a market overview of the latest offerings from the criminal underground, with a deep dive into some of the techniques discussed by cybercriminals, and review how they manifest as real attacks with real examples and case studies. A share of the presentation will also be dedicated to possible mitigation strategies and techniques.

During this webinar you will learn about:

- New malware attack and evasion techniques
- The latest underground offerings on the “fraud as a service” market
- The latest rumors and discussions around malware and malware authors from the underground
- Real-time intelligence and adaptable counter measures

Published in: Software, Technology
0 Comments
4 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
6,696
On SlideShare
0
From Embeds
0
Number of Embeds
4,032
Actions
Shares
0
Downloads
186
Comments
0
Likes
4
Embeds 0
No embeds

No notes for slide

Cybercrime Threat Landscape: Cyber Criminals Never Sleep

  1. 1. Cybercrime Threat Landscape: Cyber Criminals Never Sleep Etay Maor Senior Fraud Prevention Strategist
  2. 2. © IBM Trusteer, 2014 Security Silos FAIL!
  3. 3. © IBM Trusteer, 2014 3 Holistic Approach for Cybercrime WWW Phishing and Malware Fraud Advanced Threats (Employees) Online/Mobile Banking Money, Intellectual Property, Business Data Account Takeover, New Account Fraud Mobile Fraud Risk
  4. 4. Phishing 4
  5. 5. © IBM Trusteer, 2014 New C&Cs for Phishing 5
  6. 6. © IBM Trusteer, 2014 Targeting Security Solutions:  External and Perimeter  Anti virus  Sandbox  VMs  Login  Credential protection and encryption  OTP SMS  Device ID  Internal  Behavior anomaly detection  Clickstream analysis 6
  7. 7. © IBM Trusteer, 2014 Malware Protection 7
  8. 8. Malware Protection - Outsource
  9. 9. © IBM Trusteer, 2014 Device Forging
  10. 10. © IBM Trusteer, 2014 Bypassing Device ID Notification LoginInjection
  11. 11. © IBM Trusteer, 2014 Bypassing Device ID RDP Transaction
  12. 12. © IBM Trusteer, 2014 Behavior and Device ID Tricks 12  The data source:  Large European bank  3 weeks worth of data  1.5M accounts reviewed  10M login attempts  Fraudsters know behavioral profiling is in action  Fraud does not happen on the first login  30% of the users come from a mobile device  Confirmed fraud coming from the mobile channel. WHY?
  13. 13. New Mobile Threats 13
  14. 14. © IBM Trusteer, 2014 How Times Have Changed…
  15. 15. © IBM Trusteer, 2014 Overlay Mobile Attack
  16. 16. © IBM Trusteer, 2014 Overlay Mobile Attack
  17. 17. © IBM Trusteer, 2014 Mobile Ransomware
  18. 18. Cybercrime Services 18
  19. 19. © IBM Trusteer, 2014 19
  20. 20. © IBM Trusteer, 2014 A Page From a CT Book – Sounds Familiar?
  21. 21. © IBM Trusteer, 2014 Building a Solution Advanced Fraud Prevention Real Time Intelligence • Integrated: fully integrated to leverage threat data across channels • Global: identify threats any time, anywhere for all channels Seamless Experience • Transparent: minimize “action items” to user • Automated: minimize “action items” to staff Accurate Analysis • Focused: root cause • Impactful: prevent, detect, mitigate and remediate Adaptive Controls • Intelligent: build with the “unknowns” • Dynamic: rapidly updatable software
  22. 22. © IBM Trusteer, 2014 And Always Remember – Security is in YOUR Hands
  23. 23. © IBM Trusteer, 2014 And Always Remember – Security is in YOUR Hands 23
  24. 24. © IBM Trusteer, 2014 And Always Remember – Security is in YOUR Hands 24
  25. 25. Thank You

×