A standard fraud solution offers technology that consolidates data and analyzes it in order to predict the risk of fraud.
Many of those solutions either provide only a single layer of protection, take a long time to deploy, or do not keep up with changing threats.
{Click}
In comparison, Trusteer technology is adaptive, easy to deploy, and provides multiple protection layers.
{Click}
Not only does Trusteer have the best technology, but it also provides an additional layer of unique services.
When you deploy a Trusteer product, you gain the benefit of a market-leading research team that monitors fraud attacks and constantly updates protections.
{Click}
In the fight against cybercrime, the more intelligence you have, the more effective you are.
Our protections are based on analysis of data from over 400 million monitored endpoints as well as intelligence from underground forums.
Source: Presentation by Albert Le Dirac’h, Chairman and CEO, Komerční banka, April 16, 2015.
As a result the war against cybercrime is transformed:
Our customers report a significant decrease in their operational costs due to more accurate detection.
Many fraud cases are stopped at the root cause and never mature into a fraudulent money transfer, making fraud prevention seamless to the customers.
How fast do our customers see this value?
I’d like to share some data from a presentation by the CEO of Komerční banka, a major commercial bank in the Czech Republic, following 1 month of deploying Trusteer:
• 90% reduction in logins from malware-infected devices to the bank's website
• 150 potential fraud cases prevented
All this in just 1 month!
Our wiki page describing the malware encryption can be found here: https://wiki.haifa.ibm.com/doku.php?id=security:malware:configs:dyre
In a sentence - Dyre's configuration (and additional data, such as its VNCm module) is kept on the hard drive, within an encrypted file.
The encryption consists of several layers of AES (Advanced Encryption Standard, used in plenty of encryption systems). We are able to decrypt it using tools we developed in the lab, following reverse engineering research we conducted here. What changed in the binary
Day 0 – A new MO using fake overlay messages and remote takeover of the computer is used against LATAM banks. Victims are presented with fake messages asking them for their tokens in order to perform a “security update”. The attack is carried out via a RAT to bypass device ID controls.
Trusteer endpoints detect the attack before the first victims call in to report unauthorized transactions.
Day 1 - The Trusteer malware team analyzes the data gathered and releases an updated defense within 24 hours. Ongoing monitoring shows that the defense is stopping the new attack MO.
Day 3 – Trusteer intelligence team picks up chatter from the underground that a new fraud toolkit is behind the attack. The team is able to acquire the toolkit.
Day 4 - The toolkit is installed in Trusteer labs and the end-to-end attack is reproduced and recorded. The demo helps targeted banks understand how their controls are bypassed and how best to educate their customers to identify the fake messages.
Day 30 – The fraud toolkit finds its way to a country in APAC.
As Trusteer had already released a global defense update, all attacks against Trusteer-protected endpoints fail.