1) The document discusses SIM swap fraud, which involves criminals convincing mobile carriers to transfer a victim's phone number to a SIM card in the criminal's possession. This allows them to intercept calls and texts, including banking one-time passcodes.
2) SIM swap fraud often works in tandem with phishing scams, where criminals first obtain personal details through phishing emails or texts before engaging in SIM swapping.
3) Statistics show SIM swap fraud is increasing, with over 1000 reported cases in South Africa in 2012 compared to under 100 in 2011. The document provides tips on how to protect against SIM swap and phishing scams.
This paper presents the awareness of Sim Swap attack among people and prevention of this attack, where the fraud person will Gain the personal information of person from different ways like fake call , sms ,Email, link, social media etc. mobile number is linked with bank and adhaar card the fraud person will gain the access of Bank account, credit card number and other personal information easily by trying various methods like MNC, Phone call, Hacking .It is difficult to undo the damage occurs. Snehal Manohar Awale | Dr. Praveen Gupta ""Awareness of Sim Swap Attack"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-4 , June 2019, URL: https://www.ijtsrd.com/papers/ijtsrd23982.pdf
Paper URL: https://www.ijtsrd.com/management/other/23982/awareness-of-sim-swap-attack/snehal-manohar-awale
SIM swapping occurs when a fraudster, using social engineering techniques, takes control over your mobile phone SIM card using your stolen personal data.
Today commerce face many challenges as they collect user data and their card details. Fraudsters are attacking bot big and small merchants anywhere in the world. The slides are about identifying fraud and fighting against it.
This paper presents the awareness of Sim Swap attack among people and prevention of this attack, where the fraud person will Gain the personal information of person from different ways like fake call , sms ,Email, link, social media etc. mobile number is linked with bank and adhaar card the fraud person will gain the access of Bank account, credit card number and other personal information easily by trying various methods like MNC, Phone call, Hacking .It is difficult to undo the damage occurs. Snehal Manohar Awale | Dr. Praveen Gupta ""Awareness of Sim Swap Attack"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-4 , June 2019, URL: https://www.ijtsrd.com/papers/ijtsrd23982.pdf
Paper URL: https://www.ijtsrd.com/management/other/23982/awareness-of-sim-swap-attack/snehal-manohar-awale
SIM swapping occurs when a fraudster, using social engineering techniques, takes control over your mobile phone SIM card using your stolen personal data.
Today commerce face many challenges as they collect user data and their card details. Fraudsters are attacking bot big and small merchants anywhere in the world. The slides are about identifying fraud and fighting against it.
Beware of Scam Artists - Recognize Them Before They Get You!Narayan Makaram
Scam artists are expected to steal over $2 billion in 2020, according to ScamSpotter.org. They invariably contact you via phone calls, text messages or email, pretend to be someone you trust (e.g. IRS, your Bank, or IT support), and create a sense of urgency for you to respond. Scammers are primarily out to get your personal information, credit card numbers, or your money.
I will be walking through a few common scamming scenarios and arm you with the top actions that you can take to avoid being defrauded. It would be enlightening to hear some of your stories too, to make this session interactive. Together, we will learn how to stay a step ahead of the scammers.
Be Careful - Prevent Your Sim Card from Getting ClonedDavid Stoffel
Professional hackers can clone a SIM using a specialized hardware and SIM card reader. They can copy all the info from one sim to another easily by sending OTA commands through protected SMS. SIM card cloning can leave you bankrupt. Hence be careful. Follow these tips to prevent SIM card cloning. See more at: www.wesrch.com
More and more of us are turning to computers and mobile phones to manage our money. Find out the current threats and scams to digital banking, and see tips on how to stay safe when looking after your finances online.
This presentation will look at the different kinds of frauds and scams prevalent in our society today. We will show you how to identify them. We will give you some advice on how to avoid them. And we will show you what to do if you are the victim of one of these crimes.
I had amde this ppt for my college presentation. It doesnt cover the various faruds in minute detail but this presentation is a very good overview! Enjoy!
Avoid becoming a victim of the most common financial crimes. Learn valuable proactive steps you can take to protect yourself, your family and your business.
Over 40% of businesses in the UK have experienced fraud in the last year.
This practical guide gives you the information you need to help protect your business against growing threats of fraud.
We show you how and where fraud can take place throughout your business and highlight the "telltale" things to look out for.
We’ve also included key actions you should take to safeguard yourself and your business.
Taking some very basic steps can make a real difference to fraudsters’ success rates.
Whether you are a client of not I do hope that this guide helps business avoid being another statistic of crime this year.
Identity theft occurs when an unauthorized person uses your name, date of birth, social security number or other forms of identity to obtain credit in your name without your consent. Some identity theft methods include phishing, vishing, pretexting, shoulder surfing, dumpster diving, atm skimming and more. Stay alert and informed and protect yourself and your identity.
The paper explains the various strategies used by cyberrcriminals and the mesures to be adopted by the law enforcement officers or security service to combat cyber criminality. It also presents future targets and some reasons for collaboration between the security service and security students.
Beware of Scam Artists - Recognize Them Before They Get You!Narayan Makaram
Scam artists are expected to steal over $2 billion in 2020, according to ScamSpotter.org. They invariably contact you via phone calls, text messages or email, pretend to be someone you trust (e.g. IRS, your Bank, or IT support), and create a sense of urgency for you to respond. Scammers are primarily out to get your personal information, credit card numbers, or your money.
I will be walking through a few common scamming scenarios and arm you with the top actions that you can take to avoid being defrauded. It would be enlightening to hear some of your stories too, to make this session interactive. Together, we will learn how to stay a step ahead of the scammers.
Be Careful - Prevent Your Sim Card from Getting ClonedDavid Stoffel
Professional hackers can clone a SIM using a specialized hardware and SIM card reader. They can copy all the info from one sim to another easily by sending OTA commands through protected SMS. SIM card cloning can leave you bankrupt. Hence be careful. Follow these tips to prevent SIM card cloning. See more at: www.wesrch.com
More and more of us are turning to computers and mobile phones to manage our money. Find out the current threats and scams to digital banking, and see tips on how to stay safe when looking after your finances online.
This presentation will look at the different kinds of frauds and scams prevalent in our society today. We will show you how to identify them. We will give you some advice on how to avoid them. And we will show you what to do if you are the victim of one of these crimes.
I had amde this ppt for my college presentation. It doesnt cover the various faruds in minute detail but this presentation is a very good overview! Enjoy!
Avoid becoming a victim of the most common financial crimes. Learn valuable proactive steps you can take to protect yourself, your family and your business.
Over 40% of businesses in the UK have experienced fraud in the last year.
This practical guide gives you the information you need to help protect your business against growing threats of fraud.
We show you how and where fraud can take place throughout your business and highlight the "telltale" things to look out for.
We’ve also included key actions you should take to safeguard yourself and your business.
Taking some very basic steps can make a real difference to fraudsters’ success rates.
Whether you are a client of not I do hope that this guide helps business avoid being another statistic of crime this year.
Identity theft occurs when an unauthorized person uses your name, date of birth, social security number or other forms of identity to obtain credit in your name without your consent. Some identity theft methods include phishing, vishing, pretexting, shoulder surfing, dumpster diving, atm skimming and more. Stay alert and informed and protect yourself and your identity.
The paper explains the various strategies used by cyberrcriminals and the mesures to be adopted by the law enforcement officers or security service to combat cyber criminality. It also presents future targets and some reasons for collaboration between the security service and security students.
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docxwlynn1
Running head: HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1
How to avoid internet scams at the workplace
Christophe Bassono
CIST3000: Advanced Composition IS&T
Amanda L. Gutierrez, M.S. & M.A.
UNO-Fall 2018
HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 2
Online Fraud: How to Avoid Internet Scams in the Workplace
This section outlines how the researcher envisions presenting the report. The outline
demonstrates the different sections in which the report will be broken into and the
information that will be contained in each section
Introduction
Definition
Online fraud refers to deceitful schemes that are done using the internet. Online fraud may
come in the form of financial theft, identity theft or a combination of both.
History of Online Fraud
An influx of online fraud began to be experienced in the 1990s with the increased technology
use and e-commerce. In the beginning, online fraud was done by using the names of famous
celebrities of the time to commit internet crimes. Over time, more technical and sophisticated
plans were developed such as creating card-generator applications with real credit card
numbers, setting up dummy merchant websites and mass identity theft. Today, despite
attempts by various governments to regulate and mitigate online fraud, more sophisticated
online fraud schemes have been established ranging from credit card fraud to phishing,
hacking, and identity theft (Saeger & Probert, 2015).
In the recent past, computer fraud has evolved through a series of advancements outplaying
the traditional security defenses such as the two-factor authentication, antivirus, and SSL
encryption in the process. Zeus and SpyEye are the most common attack tools used by
hackers since they support the gathering of vast volumes of extremely sensitive
authentication data. It has been established that no single application is immune to attacks
and the malicious attackers are focusing more on online banking accounts because they offer
HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 3
most direct payoff. Online fraud is based on three core technologies: the botnet controllers
capable of handling hundreds of thousands of bots, highly effective data collection, and
sophisticated Trojans that are updateable.
Form grabbing for PCs running IE/Windows has been a simplified approach for fraud. The
technique helps attackers to extract data within browsers. The deployment of form grabbing
on compromised PCs allowed hackers to obtain numerous numbers of online bank account
IDs and passwords. The password-based authentication was termed no longer safe for online
banking prompting the introduction of two-factor authentication (Mellinger, 2011).
Nevertheless, criminals still found the loophole that helps them to challenge the security of
two-factor authentication through web injects. Malicious attackers that promote online fraud
have created various techniques.
Utilizing Internet for Fraud Examination and InvestigationGoutama Bachtiar
1st Session titled Redefining Fraud, Examination, Investigation and Cyber Crime delivered for Indonesia's Risk Management Certification Agency named Badan Sertifikasi Manajemen Resiko (BSMR).
The seminar itself titled 'Preventing Fraud within E-Channels in Banking Sector'.
Technical development is what most people think of when they think of attackers. This aspect of hacking requires computer-savvy actors performing development activities that include research to find zero-day vulnerabilities, development of exploits for these vulnerabilities, and tools to automate the different pieces of a hack (bot-nets, data exfiltration, etc.).
The Business of Hacking - Business innovation meets the business of hackingat MicroFocus Italy ❖✔
Introduction
Attackers are sophisticated. They are organized. We hear these statements a lot but what
do they mean to us? What does it mean to our businesses? When we dig deeper into the
“business of hacking,” we see that the attackers have become almost corporate in their behavior.
Their business looks a lot like ours. Cyber criminals look to maximize their profits and minimize
risk. They have to compete on quality, customer service, price, reputation, and innovation. The
suppliers specialize in their market offerings. They have software development lifecycles and
are rapidly moving to Software as a Service (SaaS) offerings. Our businesses overlap in so many
ways that we should start to look at these attackers as competitors.
This paper will explore the business of hacking: the different ways people make money by
hacking, the motivations, the organization. It will break down the businesses’ profitability and
risk levels, and provide an overall SWOT analysis. From this, opportunities for disruption will be
discussed and a competitive approach for disrupting the business of hacking will be laid out.
The information in this paper draws on data and observations from HPE Security teams, open
source intelligence, and other industry reports as noted.
Whether building in enterprise security or applying security intelligence and advanced analytics,
we can use our understanding of the business of hacking and the threats to our specific
businesses to ensure that we are investing in the most effective security strategy.
Webcast - how can banks defend against fraud?Uniphore
The Annual Global Fraud Survey, commissioned by Kroll and carried out by the Economist Intelligence Unit, reports that businesses lose nearly 1.6% of their revenue to fraud. While global banks are utilizing IT solutions to safeguard themselves from cyber and online phishing attacks, our webcast helps you understand an innovative and cutting edge technology which can help you to:
* Stop revenue loss on fraud/identity thefts
* Prevent customers from cyber attacks
* Ensure 100% fail-proof customer authentication
* Provide confidence to customers and improve CSAT
* Protect banking information and customer data breach
Fraud is getting harder for the good guys and easier for the bad guys. As merchants have dozens of rules to follow related to fraud and chargeback management, fraudsters have only two rules; 1) make money and 2) don’t get caught. Don’t be reluctant to pursue criminal charges and take action by sending a message to underground fraud rings.
Learn from the experts as they discuss the intricacies of a digital crime scene and how to pursue these anonymous villains.
If you would like the webinar recording or have any questions, please do not hesitate to contact us at fraudfighter@kount.com
4. 4
INTRODUCTION
• An underground cybercrime economy and cyber black market exists where
the cybercriminal can buy, sell, barter or trade criminal skills, tools and your
private information: you can buy identities, credit card information, botnet kits
to name but a few.
• Several years ago, hackers hacked computers. Now, criminals hack
computers and are more like offline crime syndicates, such as the Mafia or
urban gangs.
• Fraud, extortion and identity theft have been around for centuries, the
internet just makes it easier.
Mr SIM Swap: Gone Phishing
5. 5
INTRODUCTION (continued)
• Despite constant warnings and awareness campaigns, people still respond to
phishing/smishing attacks and provide sensitive information by phone or
email.
• By acquiring basic personal information through phishing, a criminal can
commandeer the cell phone account of an unknowing victim – intercepting or
initiating calls and intercepting SMSes and passwords sent by the victim’s
bank to authorise transactions on internet banking.
• Statistics have shown that SIM swapping is on the rise.
Mr SIM Swap: Gone Phishing
7. 7
• Phishing is a technique used to gain personal information for purposes of
identity theft, using fraudulent e-mail messages that appear to come from
legitimate businesses. These authentic-looking messages are designed to fool
recipients into divulging personal data such as account numbers and
passwords, credit card numbers and other personal information.
• Phishers also use spam, fake web sites, computer malware and other
techniques to trick people into divulging sensitive information.
• It is easier to hack a user than a computer.
• Once the phishers have captured enough information from a victim, they either
use the stolen information to defraud a victim, or sell it on the black market for a
profit.
PHISHING DEFINED
Mr SIM Swap: Gone Phishing
8. 8
• Honeynet Project
− The Honeynet Project is a non-profit, research organisation which aims to
improve the security of the Internet at no cost to the public by providing tools
and information on cyber security threats.
− Research shows that the average time spent in a cyber investigation was
approximately 34 hours per person to investigate an incident that took an
intruder about half an hour. That's about a 60:1 ratio!
(http://www.honeynet.org/challenge/results/)
PHISHING DEFINED (continued)
Mr SIM Swap: Gone Phishing
10. 10
SIM SWAP DEFINED
• SIM swap fraud is a type of spear phishing (i.e. targeted) attack.
• It is committed when a fraudster convinces a victim’s mobile network operator
to transfer a victim’s cellular number (MSISDN) to a SIM in the possession of
the fraudster.
• Details are obtained through phishing/smishing, social engineering
techniques. SIM swap attacks are effectively an extension of phishing
attacks, key loggers, etc. which are generally based on organised groups.
• The fraudster can then receive any incoming calls and text messages,
including banking one-time-passcodes (OTPs) that are sent to the victim’s
phone.
Mr SIM Swap: Gone Phishing
12. 12
• In most instances SIM swap fraud works hand-in-hand with phishing/smishing
(SMS phishing).
• SIM swapping is also described as the second phase of a phishing scam.
• When banks introduced measures such as OTPs that are delivered via SMS, it
was to combat phishing attacks and other malware. The fraudsters then moved
to performing SIM swaps to get hold of the OTPs.
• Whilst the attacks are highly targeted, the targeting is simply based on a set of
users who have been phished or key-logged and whose banking credentials are
already in the hands of the fraudsters.
• This type of attack poses financial and reputational risks.
RELATIONSHIP BETWEEN SIM SWAPS AND PHISHING
Mr SIM Swap: Gone Phishing
14. 14
SOME INTERESTING STATISTICS
Mr SIM Swap: Gone Phishing
The month of August marks a much
anticipated return to school for both
parents and students, but it appears that
the subject of education is just as
popular in the cybercrime underground
this time of year. RSA has observed an
increased supply of cybercrime courses,
lessons, counselling and tutoring offered
to fraudsters in rather official-looking
models, mimicking the activity of
legitimate schooling.
(RSA Online Fraud Report, September 2013)
15. 15
• RSA Online Fraud Reports show that South Africa does not fall within the top ten
countries hosting phishing attacks, but features high on the list of top ten
countries by attack volume.
• According to RSA Online Fraud Resource Center, 6 % of the global phishing
attack volume for the first half of 2013 was against South Africa.
• According to the South African Banking Risk Information Centre (Sabric), the
number of SIM swap incidents was under a 100 in 2011, but has jumped to more
than a 1000 in 2012.
SOME INTERESTING STATISTICS (continued)
Mr SIM Swap: Gone Phishing
16. Case Study
Mr SIM Swap: Gone Phishing
E & J Phisheries
With us you are never off the hook...
17. 17
After a long and successful career as the CEO of CiT Heist Enterprises , Mr.
Snoek started his own business – E & J Phisheries (E & J).
Several of his previous employees joined him in the new venture and business
was booming. Their key market was the financial industry and they had an
aggressive marketing strategy to identify potential customers within this sector.
The trusted CIO of E & J, Mr. Jack le Hack, continuously strived to develop and
identify new IT products that he could deliver to potential clients. These included
both hardware and software options with the sole purpose of making clients part
with their hard-earned cash and increasing the revenue stream of E & J.
CASE STUDY
E & J Phisheries
Mr SIM Swap: Gone Phishing
18. 18
But “competition” increased in the market and the financial industry partnered with
the mobile industry to offer innovate products that seriously impaired E & J’s
bottom line.
Internet banking became increasingly popular and to keep the market tight a client
would now receive an one-time-pin (OTP) to create new beneficiaries and other
transactions. This had a serious impact on Mr. Snoek’s cash flow.
To keep up with the latest market trend, Mr. Jack le Hack strategised with his team
and identified other uses for the (legitimate) SIM swap process used by mobile
operators. Putting yourself in your client’s shoes was taken to a whole new level:
E & J was back in the game and could now enable clients to part with their money
again without minimum effort on the client’s side.
CASE STUDY (continued)
E & J Phisheries
Mr SIM Swap: Gone Phishing
19. 19
With the help of previous business associates and other willing investors, E & J
quickly re-invested their clients’ funds to ensure a maximum return on investment.
But a new cartel appeared on the horizon, posing a significant threat to the
operations of E & J.
The banks, mobile operators and other agencies joined forces, and their anti-
competitive behaviour soon drove Mr. Snoek to drink. His business strategies
could still be effective if the different role players did not unite their forces against
him.
Sadly, the future of E & J Phisheries looks bleak….
CASE study (continued)
E & J Phisheries
Mr SIM Swap: Gone Phishing
21. 21
• The curricula vitae of the role players – profiling and analysis
• Syndicate activities?
• Can one agency investigate alone?
• Benefits of partnerships
• Fragile evidence
• Racketeering prosecutions?
• An opportunity missed by Mr. Snoek – premium rated services
INVESTIGATION METHODOLOGY
Mr SIM Swap: Gone Phishing
23. 23
• Never click on a link from an unknown source – be it on your computer or cell
phone.
• Never share personal or financial information via email or SMS.
• Inform your mobile operator and/or bank of suspicious emails and SMSes.
• Check your account regularly for fraudulent or unauthorised access and
transactions.
• Password security and social engineering.
• Keep anti-virus software up to date.
• Keep your cell phone information safe.
OUTSMART THE CRIMINALS
Mr SIM Swap: Gone Phishing
24. 24
• Register for SMS messaging services and keep your phone with you.
• Do not switch your phone off if you, for example, receive several annoying calls.
If you have no network reception, contact your mobile operator immediately from
an alternative number.
OUTSMART THE CRIMINALS (continued)
Mr SIM Swap: Gone Phishing
26. 26
• Whilst the financial loss of the actual fraud can be significant to the victim, the
loss of consumer faith and reputational risk can also be significant to mobile
operators and banks alike.
• Avoid becoming a phishing/SIM swap victim by keeping your personal
information safe.
• Report suspicious activity immediately.
• Be vigilant: keep abreast of latest cyber crime trends and information from your
mobile operator and bank.
CLOSING REMARKS
Mr SIM Swap: Gone Phishing