«Инфосистемы Джет» estimated the annual losses of Russian business from fraud. Between 2014 and 2015 the aggregate figure for the credit and financial sector rose by 26.8%, which in ruble terms exceeds 8.9 billion rubles;
in the telecommunications sector a more moderate growth of fraud losses was recorded for 2015: 6.8% (more than 21.75 billion rubles);
This document discusses the evolution of attacks on medical devices in hospitals, termed MEDJACK.2. It analyzes data from three case studies of hospital networks compromised through medical devices. The attackers hid advanced tools within old malware variants that exploited vulnerabilities in older Windows systems still used by some medical devices. This allowed the malware to infiltrate networks undetected. Once inside, medical devices were easy targets that provided backdoors for exfiltrating data over long periods. The document concludes hospitals remain highly vulnerable and recommends best practices to improve medical device and network security.
The security of seven popular fitness trackers and the Apple Watch was tested. Some trackers had issues with Bluetooth visibility, authentication, and data tampering. Pebble Time, Microsoft Band 2, and Basis Peak were among the most secure, while Striiv Fusion, Xiaomi MiBand, and Runtastic Moment Elite had the most security risks due to inconsistencies with authentication, tampering protection, and encrypted data transmission. The Apple Watch was also found to be highly secure, though some encrypted data could be accessed with additional steps.
This document summarizes the results of a whole product dynamic "real-world" protection test conducted from February to June 2016. It tested 18 antivirus and internet security products on 1868 malicious URLs. The top performing products like F-Secure and Trend Micro blocked all threats without any system compromises. Products like Bitdefender, Kaspersky Lab and Avira blocked over 99% of threats with only a few user-dependent results. The test aims to simulate real-world browsing conditions and how well products can protect against internet-based malware threats.
Covert communication in mobile applications (Andrey Apuhtin)
This document describes a study on covert communication in mobile applications. The study found that 63% of external communication made by top popular free Android apps had no effect on user-observable app functionality. The study also developed a static analysis technique to detect covert communication. The technique achieved 93% precision and 61% recall compared to a dynamic analysis ground truth. When applied to additional apps, the technique identified covert connections that could be disabled with little to no impact on user experience in most cases. The document concludes covert communication is common in mobile apps and the static technique is effective for identifying and disabling unnecessary connections.
A rising number of threat actors have begun developing malware for Apple devices running Mac OS X and iOS. While threats remain lower than for Windows and Android, malware targeting Apple systems has grown steadily in recent years. Security researchers have uncovered vulnerabilities in Apple software, and zero-day brokers now offer bounties for Apple exploits. As Apple's popularity increases, malware for its platforms will likely continue to rise unless users take precautions to secure their devices.
WhatsApp plans to transfer user data including phone numbers and usage history to Facebook for targeted advertising and other purposes. This proposed change would violate WhatsApp's privacy policy which stated user data would not be used or disclosed for marketing. EPIC and CDD filed an FTC complaint arguing the transfer of previously collected user data without consent constitutes an unfair and deceptive trade practice that should be investigated and enjoined by the FTC.
This document presents a draft code of conduct for cloud infrastructure service providers regarding data protection. It aims to guide customers in assessing whether cloud infrastructure services are suitable for processing personal data in accordance with EU data protection law. The code outlines requirements for CISPs around lawful processing, security, data subject requests, and transparency. It also discusses the different roles and responsibilities of different types of cloud service providers like IaaS, PaaS, and SaaS.
The xDedic marketplace allows criminals to purchase access to over 70,000 hacked servers from around the world for as little as $6 each. Russian-speaking hackers operate the forum and provide tools to help buyers access and manage the compromised servers. An analysis found the stolen servers hosted point-of-sale software, email providers, and other sites and services that could enable financial crimes and cyberattacks.
The document analyzes the security design of a hypothetical wearable fitness tracker called WearFit. It describes WearFit's system architecture, which includes a wearable device, mobile application, and website. It then analyzes how WearFit's design addresses each of the top 10 software security flaws, such as using authentication and authorization, validating data, using cryptography correctly, and considering external components and future changes. The analysis provides examples of how the design mitigates threats like denial of service attacks, compromising the device, falsifying health data, and stealing user data.
The mobile banking services market. Practices for combating SMS fraud (Alexey Kondrashov)
The report covers the services (products existing on the market) for conducting financial transactions and protecting mobile users from SMS fraud that are offered by operators, financial institutions and aggregators in Russia and worldwide. The report reviews the existing threats and the ways of protecting against them, as well as practices in the use of mobile banking.
The uPay service is intended for small businesses. It allows them to start accepting cashless payments (including electronic money) within a few days.
AACIMP 2010 Summer School lecture. "Information Technologies" stream. "Information Technologies in Business" course.
More info at http://summerschool.ssa.org.ua
Aitarget. Specifics of working with consumer data on mobile devices (HybridRussia)
In Ilya's talk you will hear about the growth of user activity on mobile, and also about: the change in consumer behaviour, namely the growth of their activity on mobile devices; the use of offline data and a platform for cross-device work with the user; examples of applying data on mobile.
Positive Hack Days V. Countering payment fraud on a telecom operator's network (Denis Gorchakov)
A hardware and software complex for handling Android malware, used at a telecom operator: a honeypot and sandbox for Android malware in the CSP's network that helps to reveal and expose fraud schemes and to build subscriber protection based on the data it collects.
Anti-fraud systems: legal and technical aspects, application prospects and ... (Ivan Piskunov)
Materials from the presentation at the 2nd practical conference
"Information Security in Finance:
regulation, expertise, cases", Moscow, 29 June 2017
Author: Ivan Piskunov
Financial sector. Information security aspects 2016 (Qrator Labs)
The aim of this study was to examine the relevance and scale of the threat of DDoS attacks and attacks on application vulnerabilities in the Russian financial sector (banks and payment systems), and to assess the security level of the organisations' external network perimeter.
Similar to "«Инфосистемы Джет» estimated the annual losses of Russian business from fraud" (20)
The document summarizes technical details about ShadowPad, a modular cyber attack platform deployed through compromised software. It describes how ShadowPad operates in two stages, with an initial shellcode embedded in legitimate software that connects to command and control servers. The second stage acts as an orchestrator for five main modules, including for communication, DNS protocols, and loading additional plugins. Payloads are received from the C&C server as plugins and can perform data exfiltration.
The Center for Democracy & Technology filed a complaint with the Federal Trade Commission requesting an investigation into Hotspot Shield VPN's data sharing and security practices. The complaint alleges that Hotspot Shield makes strong claims about not tracking or logging user data, but its privacy policy describes more extensive logging. It is also alleged that Hotspot Shield uses third-party tracking libraries to facilitate targeted advertisements, contradicting its promises of privacy and security.
Nexusguard DDoS Threat Report Q1 2017 (Andrey Apuhtin)
This document provides a summary of DDoS attack trends in Q1 2017 according to Nexusguard's analysis. Key findings include a 380% increase in attacks compared to the previous year, with unusually large attacks on holidays such as Chinese New Year and Valentine's Day. HTTP floods became the most common attack vector. The US was the top source of attacks globally, while China was the top source in the Asia-Pacific region. Larger and more complex multi-vector attacks targeting both volumetric and application layers became more common.
The document summarizes cybersecurity trends in the financial services sector in 2016. Some key points:
1) The financial services sector remained the most attacked industry in 2016, experiencing 65% more attacks on average than other sectors. Common attack methods included SQL injection and command injection exploits.
2) While total attacks increased in 2016, average security incidents decreased for financial services organizations monitored by IBM.
3) Insider threats, both malicious and inadvertent, posed a larger risk than outsider attacks for financial services organizations. The majority of insider attacks were caused by inadvertent or compromised systems rather than malicious insiders.
This document provides a summary of CLDAP reflection DDoS attacks observed by Akamai between October 2016 and January 2017. It details the attack methods, timelines, largest attacks observed, affected industries, source distributions by country and ASN, mitigation recommendations including filtering port 389, and conclusions regarding CLDAP reflection as an emerging DDoS vector.
This document provides a technical analysis of Pegasus spyware samples found on Android devices. Pegasus for Android (called Chrysaor) shares many capabilities with the iOS version, including exfiltrating data from apps, remote controlling devices via SMS, audio surveillance, screenshot capture, and disabling system updates. It uses known Android exploits to gain root access and SMS, HTTP, and MQTT for command and control. The spyware is designed to evade detection and delete itself if detected. Analysis of the samples revealed how the malware infects devices, communicates with its operators, and surreptitiously collects information from infected phones.
This document summarizes a study on zero-day vulnerabilities and exploits. The study obtained rare access to data on zero-day vulnerabilities and exploits to analyze metrics like life status, longevity, collision rates, and development costs. Some key findings include: 1) exploits have an average lifespan of 6.9 years after discovery before being patched, but 25% will last less than 1.5 years and 25% will last over 9.5 years, 2) after 1 year, approximately 5.7% of vulnerabilities in a stockpile will be discovered and disclosed by others, and 3) once an exploitable vulnerability is found, the median time to develop a working exploit is 22 days. The results provide insights to inform policy debates on
The APWG recorded more phishing in 2016 than in any previous year. In the 4th quarter of 2016, there were over 277,000 unique phishing sites detected, representing a 65% increase in total phishing attacks for 2016 compared to 2015. Phishing attacks have increased dramatically over the past 12 years, with an average of over 92,000 attacks per month in the 4th quarter of 2016 compared to just 1,600 attacks per month in the 4th quarter of 2004. Fraudsters in Brazil are increasingly using social media and mobile apps to defraud users in addition to traditional phishing techniques, though many of the hosting infrastructure for these attacks are located outside of Brazil, particularly in the United States and
This document contains a list of websites categorized into different areas of interest: finance, gambling, e-commerce, dating, and other. Over 50 websites are listed related to online payment processing, gambling sites, major retailers, social media, travel, and dating platforms. The list appears to have been compiled from someone's browser history.
The document lists processes and components of different point of sale (POS) software, including BrasilPOS, cch tax14, cch tax15, AccuPOS, Active-Charge, ADRM.EndPoint.Service, AFR38, Aireus, Aldelo, alohaedc, APRINT6, Aracs, aRPLUSPOS, ASTPOS, AxUpdatePortal, barnetPOS, bt, BTFULL, callerIdserver, CapptaGpPlus, CashBox, CashClub, CashFootprint, and Catapult.
Processes and components antivirus lists the executable files and processes associated with major antivirus software programs. It includes the process names for antivirus programs from companies like Avast, AVG, Avira, ClamWin Antivirus, ESET, F-Secure, GData, GFI Antivirus, Kaspersky, MalwareBytes Antivirus, McAfee, Microsoft, Panda, Sophos, Symantec, Trend Micro, and WebRoot Antivirus. The list provides information on the core processes used by antivirus software to scan for malware, monitor systems for infections, and provide protection.
The document analyzes the prevalence and security impact of HTTPS interception by middleboxes and antivirus software. The researchers developed techniques to detect interception based on differences between the TLS handshake and HTTP user agent. Applying these techniques to billions of connections, they found interception rates over an order of magnitude higher than previous estimates, and that the majority (97-62%) of intercepted connections had reduced security, with 10-40% vulnerable to decryption. Testing of interception products found most reduced security and many introduced severe vulnerabilities. The findings indicate widespread interception negatively impacts security.
This bill directs the Administrator of the National Highway Traffic Safety Administration to conduct a study to determine appropriate cybersecurity standards for motor vehicles. The study would identify necessary isolation, detection, and prevention measures to protect critical software systems. It would also identify best practices for securing driving data. The Administrator would submit a preliminary report within 1 year and a final report within 6 months, including recommendations for adoption of standards and any necessary legislation.
A former employee of the Federal Reserve Board installed unauthorized software on a Board server to earn bitcoins through the server's computing power. The employee modified security safeguards to remotely access the server from home. When confronted, the employee initially denied wrongdoing but later remotely deleted the software to conceal actions. Forensic analysis confirmed the employee's involvement, resulting in termination and a guilty plea to unlawful conversion of government property. The employee was sentenced to 12 months probation and a $5,000 fine.
Microsoft released patches for over 100 vulnerabilities in Windows, Internet Explorer, and Edge in 2016. While the number of vulnerabilities exploited in Internet Explorer before patching declined, no vulnerabilities in the newer Edge browser were exploited. Windows 10 introduced new security features like Attack Surface Reduction that remove vulnerable components. Over 60 vulnerabilities were also patched in various Windows user-mode components, with remote code execution being the most common type.
Muddy Waters Capital is short St. Jude Medical due to serious cybersecurity vulnerabilities identified in STJ's implantable cardiac devices. Researchers were able to replicate attacks that could cause devices to malfunction dangerously or drain batteries. The vulnerabilities stem from a lack of security protections in STJ's device ecosystem, including hundreds of thousands of home monitoring units distributed without adequate safeguards. A cardiologist is advising patients to unplug monitors and delaying implants until issues are addressed, which could take STJ at least two years to remediate through a recall and system rework. The cybersecurity risks may result in litigation if exploits endanger patients.
«Инфосистемы Джет» estimated the annual losses of Russian business from fraud
1. Expert estimate of annual losses from fraud
According to the experts of «Инфосистемы Джет», the losses of Russian companies from fraud are growing steadily.
"This trend applies to all players across the various vertical markets. However, for companies that have traditionally been active in combating fraud (telecom operators and credit and financial organisations), the picture is an increase in the total number of attack attempts alongside a decrease in the number of successful ones, thanks to a higher overall level of counteraction," explains Alexey Sizov, head of the anti-fraud practice at the Information Security Center of «Инфосистемы Джет».
The company's experts also note that economic instability has an additional effect on the growth in the number of crimes committed by employees of the victim company.
The expert calculation of annual losses from fraud is the company's own assessment by its anti-fraud specialists and is based on data on the losses of credit and financial organisations (including public ones), information from experts representing business, independent experts of the anti-fraud community, analytical materials of payment systems, and regulators' reporting.
The expert estimate:
• does not include the risk of losses caused by direct theft of cash or goods, theft of goods from sales floors, or short-weighting and short-changing of customers and clients. Also excluded are theft of funds from safes, ATM break-ins, credit and brokerage risks, risks related to other specialised services of credit and financial organisations, and fraud involving inventory that is not the subject of the company's sales or services;
• covers the volume of thefts that actually occurred and does not account for subsequent recovery of funds from the perpetrators;
• includes fraud carried out by perpetrators by exploiting the specifics of business processes automated by certain systems of Russian companies.
The loss estimate is given in rubles, broken down by key risk category for three sectors of Russian business (credit and financial organisations, retail and telecom).
2. Credit and financial organisations
Losses by risk category, million rubles (2014 / 2015 / change):
Theft via remote banking (legal entities)
  Malware infection                                      2125    / 1950    / -8.2%
  Remote control of the PC                                924    / 1068    / +15.6%
  Other                                                   212.5  / 132.6   / -37.6%
Theft via remote banking (individuals)
  Malware infection                                       289.4  / 527.8   / +82.4%
  Phishing                                                313.2  / 612.4   / +95.5%
  Social engineering                                      246.2  / 515.1   / +109.2%
  Illegitimate re-registration of the SIM card used for
  additional authentication                                20.73 /  26.07  / +25.8%
  Other                                                   146.88 / 146.28  / -0.4%
Card fraud
  Skimming                                                756    / 486     / -35.7%
  CNP (card-not-present transactions)                     856.8  / 1242    / +45%
  Lost & Stolen (unauthorised transactions on
  lost/stolen cards)                                      176.4  / 162     / -8.2%
  Social engineering                                       71    / 243     / +242.3%
Internal fraud
  Unauthorised transactions on client accounts            534    / 1001    / +87.5%
  Unauthorised issuance of additional means of account
  control (remote banking login, supplementary card, etc.) 249   / 442.8   / +77.8%
  Fraud linked to bank employees meeting their targets
  (service activation, insurance sales, etc.)             105    / 324     / +208.6%
  Other                                                    39    /  82.8   / +112.3%
Total annual losses from fraud                            7.065 bn / 8.962 bn / +26.8%
In the view of the anti-fraud team of «Инфосистемы Джет», these figures are underestimated by a factor of 3.
"It should be noted that fraud on compromised cards is steadily losing ground thanks to the requirement for a complete migration to chip cards. At the same time online fraud is gaining momentum (which, incidentally, has been a pronounced trend for 5 years now). The volume of theft in the Card not present category has exceeded the volume of theft on compromised cards. The growth in schemes based on social engineering has also persisted as a trend, and today some banks actively pursue a policy of informing clients about the risks of passing information to third parties," comments Alexey Sizov on the situation.
Losses from internal fraud exceed 1.85 billion rubles. This is where the most alarming growth trend (almost twofold) emerged over the past year. This type of fraud is the hardest to detect: the time to uncover a theft scheme averages 14 months.
3. Retail companies: grocery retail
Areas on the slide: sales, logistics, purchasing. Losses by category, million rubles (2014 / 2015 / change):
  Cash-desk fraud                                         720    / 648     / -10%
  Fraud in marketing and loyalty programmes              1368    / 1728    / +26.3%
  Logistics fraud                                        1974    / 2391.3  / +21.1%
  Purchasing fraud                                       1380.9  / 1572.4  / +13.9%
  Other                                                   187    / 201.6   / +7.8%
Total annual losses from fraud                            5.629 bn / 6.541 bn / +16.2%
5. Retail companies: clothing retail
Areas on the slide: sales, logistics, purchasing. Losses by category, million rubles (2014 / 2015 / change):
  Cash-desk fraud                                        1744.2  / 1590.3  / -8.8%
  Fraud in marketing and loyalty programmes              1863.4  / 1631.6  / -12.4%
  Logistics fraud                                         910.36 / 1261.1  / +38.5%
  Purchasing fraud                                        666.9  / 564.3   / -15.4%
  Other                                                    87.21 /  46.17  / -47.1%
Total annual losses from fraud                            5.272 bn / 5.093 bn / -3.4%
"Assessing retailers' risks is not a trivial task: each company estimates its losses by its own unique criteria, and only a very small number of market players calculate lost profit. At the same time, the estimate of fraud under the heading 'unexplained losses' tends to grow slightly," explains Alexey Sizov.
6. Telecom operators¹
Loss categories on the slide: distortion of revenue from long-distance/international traffic; illegal traffic termination; dealer fraud; desynchronisation of billing and switches (including deliberate), tariff errors, etc.; first-line subscriber service (fictitious re-registration, tariff changes, changes to the cost of a service, etc.); fraud in mobile commerce, with payment gateways and "wallets"; traffic generators and hacking of gateways/PBX, etc.
Value pairs, million rubles (2014 / 2015 / change), in slide order; the extracted slide text does not preserve which pair belongs to which category:
  2049    / 1833    / -10.5%
  2522    / 2739    / +8.6%
  5045    / 5479    / +8.6%
  8968    / 9460    / +5.5%
   413.9  /  729.27 / +76.2%
   709.56 /  748.9  / +5.5%
   670.14 /  768.69 / +14.7%
Total annual losses from fraud: ≈20.378 bn / ≈21.758 bn / +6.8%
An increase in fraud (compared with 2014) is recorded in dealer fraud and in fraud with electronic wallets. Illegal termination shows slight growth (about 8%), partly due to a significant rise in fraud through OTT services.
At the same time there is no pronounced increase in the volume of theft under any item, owing to the operators' high involvement in fraud protection and revenue assurance processes.
¹ The loss figures are calculated on the assumption that the population of the Russian Federation is 146 million people and mobile penetration is 135% (counting objectively "live" SIM cards).