SlideShare una empresa de Scribd logo

Abc of hoax site investigation

Descargar como PPT, PDF
F
FrankSobotka
TecnologíaEntretenimiento y humor
1 de 25
ABC of Hoax Site Investigation
What is a Hoax/Phishing Site?  A site designed to steal passwords / numbers / sensitive information.  Disguised as a trustworthy entity so people fall for the scam
Hoax site history at Full Tilt  First hoax site appeared back in November 2005.  A lot of money stolen in March 06.  A lot of money stolen in Sept 06, however we were able to recover 90%  Seeing a new hoax site every few days  Majority of hoax sites appear to be from the same group. Very professional.  Very few other phishing scams appear.
Our Job  Respond to all hoax/phishing related questions.  Investigate accounts to see if they have been compromised.  Forward any accounts that have had funds stolen to Fraud Queue in Kana
New Procedures  Handbook entry: file://///tpfs1nw/workflow$/HANDBOOK/HANDBOOK/Initial%20Response%20for%20Hoax%20Related %20Emails.html  Answer emails in Hoax Related queue  Determine if player is informant or victim  Place restrictions on account  Respond to player addressing concerns and educate them
Email review – Victim or Informant? Case #1 ----- Original Message ----- From: TOM LOUIE To: support@sign-fulltiltpokercom Sent: Monday, February 26, 2007 5:22 PM Subject: $50000 giveaway hi, this is jenl88 again. at 2-14-2007 about 4am I was informed that two players visit try fulltiltpoker.com will get the $50000 giveaway. so I did it gave you all the informations ss # credit card # and all the informations. it said the funds will deposit to my credit card account. now I haven't get it yet. it said if I don't get it yet I should e-mail to you after 5 business days. please let me know what happen. thank you!!
Case #1 - Victim  Apply Restrictions  Review Know100  Respond to player. In this case we would add the web address to report Social Security Number fraud. (http://www.ssa.gov/oig/hotline/index .htm)
Email review – Victim or Informant? Case #2 To: support@fulltiltpokercom Sent: 03/03/07 8:14 PM Subject: Received this chat during tournament play… ACEPUTZ (Observer): ======================================= =System: FullTilt Poker giveaway $50,000. The first two players from this table who visit the website www.win50k-fulltiltpoker.com they will win $25,000. Hurry tilters!!! Admin : Chris Ferguson
Case #2 - Informant  Send template XXX.XXX  We thank these players for letting us know. Tell them how much we value players like themselves here at Full Tilt Poker
Email review – Victim or Informant? Case #3 To: security@fulltiltpokercom Sent: 03/03/07 8:17 PM Subject: scam My name is Joseph Welcome..My Full tilt nicname is anvil1765 my listed email address is anvil1765@yahoo.com. I was playing $10+1 11pm tourney game# 13906402 at table #33 when an observe names ACEPUTZ did the $50,000 give away scam....Just letting u know
Case #3 - Informant  Send template XXX.XXX  We thank these players for letting us know. Tell them how much we value players like themselves here at Full Tilt Poker
Email review – Victim or Informant? Case #4 To: security@fulltiltpokercom Sent: 03/03/07 8:28 PM Subject: scam I received this message while playing poker at your site. In a moment of stupidity I logged on to the site it looked like the full tilt site so I gave them my login and e-mail but did not give them my password on the next page it asked for net teller or credit card info and then I realized that I was making a mistake. Do I need to change my login?
Case #4 – Victim  Player informed us that they didn’t give password  We do not need to place restrictions on account.  Respond to player requesting they change their password just to be safe.
Email review – Victim or Informant? Case #5 To: security@fulltiltpokercom Sent: 03/03/07 8:28 PM Subject: Very URGENT!! Please help I went to the website, and it was full-tilt poker website, it told me that I am the second visitor and asked me for my Id and e-mail address. I filled it out and clicked next, and then it asks me for my epassporte ID and password. This is where I am right now. I want to know if this offer is legit. Please reply ASAP.
Case #5 – Victim  Player entered PlayerID and email, and was waiting for us to respond  Assume player was impatient and entered details.  Follow standard victim procedures
Email review – Victim or Informant? Case #6 To: security@fulltiltpokercom Sent: 03/03/07 8:28 PM Subject: possible scam This was posted in the message part of the table during tournament 13449279. I went to the site and they said congrats etc, fill out name, password, and e-mail address. I did and then it said you could not put the money in my Full tilt account and offered options like paypal. That is when I quit the process. I changed my password to my account. My screename is 2007orBust and my e-mail address is overnightllc@aol.com. Please let me know i this was a fraud and if I need to do anything further.
Case #6 – Victim  Player entered PlayerID and email.  However they had informed us that they had changed their password. Therefore account is secure.  No need to place restrictions or reset password.  Confirm for player that this was a hoax site, and thank them for changing password.
Reading Know100  Run a Know100 with a big threshold like 9999999  We are looking for a foreign login over the past few days. Clean logins Foreign Logins
Evidence of chip dumping
Restricting Account 1. Select the ‘Security & Limits’ tab in WAT 2. Check ‘No Play’, ‘No Mix, ‘No Deposit’, ‘No Transfer’, ‘No Chat’ and hit Submit and Accept. 1 2
Reset Password  On Player Summary page, select Reset Password. Enter ‘Hoax Site Victim – Resetting Password’
Notate account  In WAT, notate account with: “HOAX: Victim of hoax site. No foreign logins found. Reset password and placed restrictions on account. Once player emails in confirming they have changed their password, please remove restrictions.” Note: Please ensure player doesn’t have any current chat related bans.
Sending Email  We will be using templates, however it should be customized just like every other email  If they mention a payment processor, provide their contact details.  If they say a credit card, then get them to contact their bank  Sympathize with the player  Educate with links to our identity protection page.
Account used to spam hoax site 1. Boot player from system. 2. Notate account with: “Hoax Site victim – Used to spam hoax site” 3. Restrict account. 4. Send player an email. 5. Follow handbook to have website removed Note: Do not TRAP account. This will only cause headaches for us.
Evidence of stolen funds  Pause account  IR the player explaining their account has been compromised and we are investigating.  Route the follow-up to the fraud queue

Recomendados

Security team training
Security team trainingSecurity team training
Security team training
FrankSobotka
 
Fraud email routing
Fraud email routingFraud email routing
Fraud email routing
FrankSobotka
 
Lloyds Bank fraud guidance
Lloyds Bank fraud guidanceLloyds Bank fraud guidance
Lloyds Bank fraud guidance
David Atkinson
 
FNC Personal Protect Workshop
FNC Personal Protect WorkshopFNC Personal Protect Workshop
FNC Personal Protect Workshop
forensicsnation
 
Lottery scam
Lottery scamLottery scam
Lottery scam
BrijeshR3
 
Identity Theft
Identity TheftIdentity Theft
Identity Theft
Lisa Sosebee
 
CRYPTOCURRENCIES GUIDE (FROM COINS.PH TO BINANCE)
CRYPTOCURRENCIES GUIDE (FROM COINS.PH TO BINANCE)CRYPTOCURRENCIES GUIDE (FROM COINS.PH TO BINANCE)
CRYPTOCURRENCIES GUIDE (FROM COINS.PH TO BINANCE)
CJ Prestoza
 
IDENTIFYING CYBER THREATS NEAR YOU
IDENTIFYING CYBER THREATS NEAR YOUIDENTIFYING CYBER THREATS NEAR YOU
IDENTIFYING CYBER THREATS NEAR YOU
Billy Warero
 

Recomendados

Security team training
Security team trainingSecurity team training
Security team training
FrankSobotka
 
Fraud email routing
Fraud email routingFraud email routing
Fraud email routing
FrankSobotka
 
Lloyds Bank fraud guidance
Lloyds Bank fraud guidanceLloyds Bank fraud guidance
Lloyds Bank fraud guidance
David Atkinson
 
FNC Personal Protect Workshop
FNC Personal Protect WorkshopFNC Personal Protect Workshop
FNC Personal Protect Workshop
forensicsnation
 
Lottery scam
Lottery scamLottery scam
Lottery scam
BrijeshR3
 
Identity Theft
Identity TheftIdentity Theft
Identity Theft
Lisa Sosebee
 
CRYPTOCURRENCIES GUIDE (FROM COINS.PH TO BINANCE)
CRYPTOCURRENCIES GUIDE (FROM COINS.PH TO BINANCE)CRYPTOCURRENCIES GUIDE (FROM COINS.PH TO BINANCE)
CRYPTOCURRENCIES GUIDE (FROM COINS.PH TO BINANCE)
CJ Prestoza
 
IDENTIFYING CYBER THREATS NEAR YOU
IDENTIFYING CYBER THREATS NEAR YOUIDENTIFYING CYBER THREATS NEAR YOU
IDENTIFYING CYBER THREATS NEAR YOU
Billy Warero
 
3 pervasive phishing scams
3 pervasive phishing scams3 pervasive phishing scams
3 pervasive phishing scams
SafeSpaceOnline
 
Cyber Crime Campain Messages_Poster_Final
Cyber Crime Campain Messages_Poster_FinalCyber Crime Campain Messages_Poster_Final
Cyber Crime Campain Messages_Poster_Final
Siphiwe Msibi
 
PhishingandPharming
PhishingandPharmingPhishingandPharming
PhishingandPharming
Dawn Hicks
 
RDrew Identity Theft -- What to Do
RDrew Identity Theft -- What to DoRDrew Identity Theft -- What to Do
RDrew Identity Theft -- What to Do
Ron Drew
 
Id Theft
Id TheftId Theft
Id Theft
mojo_5
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
Preeti Papneja
 
Identity fraud
Identity fraudIdentity fraud
Identity fraud
scamtools
 
Identity fraud
Identity fraudIdentity fraud
Identity fraud
scamtools
 
Avoiding Fraud and Identity Theft - October 2008
Avoiding Fraud and Identity Theft - October 2008Avoiding Fraud and Identity Theft - October 2008
Avoiding Fraud and Identity Theft - October 2008
FinancialCenter
 
Protecting Yourself Against Identity Theft
Protecting Yourself Against Identity TheftProtecting Yourself Against Identity Theft
Protecting Yourself Against Identity Theft
Dolf Dunn
 
Id Theft Seminar 6
Id Theft Seminar 6Id Theft Seminar 6
Id Theft Seminar 6
krupp
 
You Can Fight Identity Theft
You Can Fight Identity TheftYou Can Fight Identity Theft
You Can Fight Identity Theft
- Mark - Fullbright
 
You Have the Power to Stop Identity Theft
You Have the Power to Stop Identity TheftYou Have the Power to Stop Identity Theft
You Have the Power to Stop Identity Theft
- Mark - Fullbright
 
PHISHING attack
PHISHING attack PHISHING attack
PHISHING attack
Shubh Thakkar
 
Identity Fraud and How to Protect Yourself
Identity Fraud and How to Protect YourselfIdentity Fraud and How to Protect Yourself
Identity Fraud and How to Protect Yourself
Barry Caplin
 
The Difference between Pharming and Phishing
The Difference between Pharming and PhishingThe Difference between Pharming and Phishing
The Difference between Pharming and Phishing
Mason Bird
 
Protect Yourself Against Identity Theft
Protect Yourself Against Identity TheftProtect Yourself Against Identity Theft
Protect Yourself Against Identity Theft
pmass
 
Phishing attack
Phishing attackPhishing attack
Phishing attack
Raghav Chhabra
 
Frauds and scams
Frauds and scamsFrauds and scams
Frauds and scams
Harold Stallard
 
Indonesia OneSearch Sebagai Bentuk Implementasi Kerjasama
Indonesia OneSearch Sebagai Bentuk Implementasi KerjasamaIndonesia OneSearch Sebagai Bentuk Implementasi Kerjasama
Indonesia OneSearch Sebagai Bentuk Implementasi Kerjasama
Ismail Fahmi
 
Topik Penelitian Keamanan Informasi
Topik Penelitian Keamanan InformasiTopik Penelitian Keamanan Informasi
Topik Penelitian Keamanan Informasi
budi rahardjo
 
Design Sprints for Enterprises - Go weekly
Design Sprints for Enterprises - Go weeklyDesign Sprints for Enterprises - Go weekly
Design Sprints for Enterprises - Go weekly
Go Weekly
 

Más contenido relacionado

La actualidad más candente

Cyber Crime Campain Messages_Poster_Final
Cyber Crime Campain Messages_Poster_FinalCyber Crime Campain Messages_Poster_Final
Cyber Crime Campain Messages_Poster_Final
Siphiwe Msibi
 
PhishingandPharming
PhishingandPharmingPhishingandPharming
PhishingandPharming
Dawn Hicks
 
Identity fraud
Identity fraudIdentity fraud
Identity fraud
scamtools
 
Identity fraud
Identity fraudIdentity fraud
Identity fraud
scamtools
 
Id Theft Seminar 6
Id Theft Seminar 6Id Theft Seminar 6
Id Theft Seminar 6
krupp
 
Identity Fraud and How to Protect Yourself
Identity Fraud and How to Protect YourselfIdentity Fraud and How to Protect Yourself
Identity Fraud and How to Protect Yourself
Barry Caplin
 
Protect Yourself Against Identity Theft
Protect Yourself Against Identity TheftProtect Yourself Against Identity Theft
Protect Yourself Against Identity Theft
pmass
 

La actualidad más candente (19)

3 pervasive phishing scams
3 pervasive phishing scams3 pervasive phishing scams
3 pervasive phishing scams
 
Cyber Crime Campain Messages_Poster_Final
Cyber Crime Campain Messages_Poster_FinalCyber Crime Campain Messages_Poster_Final
Cyber Crime Campain Messages_Poster_Final
 
PhishingandPharming
PhishingandPharmingPhishingandPharming
PhishingandPharming
 
RDrew Identity Theft -- What to Do
RDrew Identity Theft -- What to DoRDrew Identity Theft -- What to Do
RDrew Identity Theft -- What to Do
 
Id Theft
Id TheftId Theft
Id Theft
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 
Identity fraud
Identity fraudIdentity fraud
Identity fraud
 
Identity fraud
Identity fraudIdentity fraud
Identity fraud
 
Avoiding Fraud and Identity Theft - October 2008
Avoiding Fraud and Identity Theft - October 2008Avoiding Fraud and Identity Theft - October 2008
Avoiding Fraud and Identity Theft - October 2008
 
Protecting Yourself Against Identity Theft
Protecting Yourself Against Identity TheftProtecting Yourself Against Identity Theft
Protecting Yourself Against Identity Theft
 
Id Theft Seminar 6
Id Theft Seminar 6Id Theft Seminar 6
Id Theft Seminar 6
 
You Can Fight Identity Theft
You Can Fight Identity TheftYou Can Fight Identity Theft
You Can Fight Identity Theft
 
You Have the Power to Stop Identity Theft
You Have the Power to Stop Identity TheftYou Have the Power to Stop Identity Theft
You Have the Power to Stop Identity Theft
 
PHISHING attack
PHISHING attack PHISHING attack
PHISHING attack
 
Identity Fraud and How to Protect Yourself
Identity Fraud and How to Protect YourselfIdentity Fraud and How to Protect Yourself
Identity Fraud and How to Protect Yourself
 
The Difference between Pharming and Phishing
The Difference between Pharming and PhishingThe Difference between Pharming and Phishing
The Difference between Pharming and Phishing
 
Protect Yourself Against Identity Theft
Protect Yourself Against Identity TheftProtect Yourself Against Identity Theft
Protect Yourself Against Identity Theft
 
Phishing attack
Phishing attackPhishing attack
Phishing attack
 
Frauds and scams
Frauds and scamsFrauds and scams
Frauds and scams
 

Destacado

presentation on scam
presentation on scampresentation on scam
presentation on scam
mustafa2426
 

Destacado (20)

Indonesia OneSearch Sebagai Bentuk Implementasi Kerjasama
Indonesia OneSearch Sebagai Bentuk Implementasi KerjasamaIndonesia OneSearch Sebagai Bentuk Implementasi Kerjasama
Indonesia OneSearch Sebagai Bentuk Implementasi Kerjasama
 
Topik Penelitian Keamanan Informasi
Topik Penelitian Keamanan InformasiTopik Penelitian Keamanan Informasi
Topik Penelitian Keamanan Informasi
 
Design Sprints for Enterprises - Go weekly
Design Sprints for Enterprises - Go weeklyDesign Sprints for Enterprises - Go weekly
Design Sprints for Enterprises - Go weekly
 
Ppt Penyebaran Berita Hoax Melalui Internet
Ppt Penyebaran Berita Hoax Melalui InternetPpt Penyebaran Berita Hoax Melalui Internet
Ppt Penyebaran Berita Hoax Melalui Internet
 
Dealing with Hoax
Dealing with HoaxDealing with Hoax
Dealing with Hoax
 
Membaca Indonesia Melalui SNA
Membaca Indonesia Melalui SNAMembaca Indonesia Melalui SNA
Membaca Indonesia Melalui SNA
 
The Hidden Value of a Social Strategy: Social Listening in Practice
The Hidden Value of a Social Strategy: Social Listening in PracticeThe Hidden Value of a Social Strategy: Social Listening in Practice
The Hidden Value of a Social Strategy: Social Listening in Practice
 
Membaca Peta di Media Sosial Melalui Analisa Teks dan Social Network Analysis
Membaca Peta di Media Sosial Melalui Analisa Teks dan Social Network AnalysisMembaca Peta di Media Sosial Melalui Analisa Teks dan Social Network Analysis
Membaca Peta di Media Sosial Melalui Analisa Teks dan Social Network Analysis
 
Peta dan Tantangan Gerakan Anti Hoax di Indonesia
Peta dan Tantangan Gerakan Anti Hoax di IndonesiaPeta dan Tantangan Gerakan Anti Hoax di Indonesia
Peta dan Tantangan Gerakan Anti Hoax di Indonesia
 
Memerangi Hoax Melalui Situs Kolaborasi Cross Check
Memerangi Hoax Melalui Situs Kolaborasi Cross Check Memerangi Hoax Melalui Situs Kolaborasi Cross Check
Memerangi Hoax Melalui Situs Kolaborasi Cross Check
 
Analisis Teks Media Sosial dan Online
Analisis Teks Media Sosial dan OnlineAnalisis Teks Media Sosial dan Online
Analisis Teks Media Sosial dan Online
 
Berkenalan dengan media sosial
Berkenalan dengan media sosialBerkenalan dengan media sosial
Berkenalan dengan media sosial
 
Internet, Sosial Media dan Demokrasi Abad 21
Internet, Sosial Media dan Demokrasi Abad 21Internet, Sosial Media dan Demokrasi Abad 21
Internet, Sosial Media dan Demokrasi Abad 21
 
How to Create a Social Media Strategy for Your Blog
How to Create a Social Media Strategy for Your BlogHow to Create a Social Media Strategy for Your Blog
How to Create a Social Media Strategy for Your Blog
 
presentation on scam
presentation on scampresentation on scam
presentation on scam
 
Top five(5) scam’s of india
Top five(5) scam’s of indiaTop five(5) scam’s of india
Top five(5) scam’s of india
 
Strategi Gaul di Sosial Media
Strategi Gaul di Sosial MediaStrategi Gaul di Sosial Media
Strategi Gaul di Sosial Media
 
Perilaku Masyarakat Indonesia Terhadap Hoax, Media, dan Budaya Baca
Perilaku Masyarakat Indonesia Terhadap Hoax, Media, dan Budaya BacaPerilaku Masyarakat Indonesia Terhadap Hoax, Media, dan Budaya Baca
Perilaku Masyarakat Indonesia Terhadap Hoax, Media, dan Budaya Baca
 
Integrating Social Media in your business model
Integrating Social Media in your business modelIntegrating Social Media in your business model
Integrating Social Media in your business model
 
40 Inspiring Social Media Case Studies
40 Inspiring Social Media Case Studies40 Inspiring Social Media Case Studies
40 Inspiring Social Media Case Studies
 

Similar a Abc of hoax site investigation

Templates for kana
Templates for kanaTemplates for kana
Templates for kana
FrankSobotka
 
Protecting Yourself from Cyber Threats
Protecting Yourself from Cyber ThreatsProtecting Yourself from Cyber Threats
Protecting Yourself from Cyber Threats
Ray Brannon
 

Similar a Abc of hoax site investigation (20)

Faq
FaqFaq
Faq
 
Templates
TemplatesTemplates
Templates
 
Templates for kana
Templates for kanaTemplates for kana
Templates for kana
 
Id Theft Presntation
Id Theft Presntation Id Theft Presntation
Id Theft Presntation
 
Internet Scams, Identity Theft And
Internet Scams, Identity Theft AndInternet Scams, Identity Theft And
Internet Scams, Identity Theft And
 
Online Scams: How To Avoid Getting Fooled
Online Scams: How To Avoid Getting FooledOnline Scams: How To Avoid Getting Fooled
Online Scams: How To Avoid Getting Fooled
 
Cyber Fraud
Cyber Fraud Cyber Fraud
Cyber Fraud
 
Cash game
Cash gameCash game
Cash game
 
Cash game
Cash gameCash game
Cash game
 
Common Consumer Frauds and How to Avoid Them-03-14
Common Consumer Frauds and How to Avoid Them-03-14Common Consumer Frauds and How to Avoid Them-03-14
Common Consumer Frauds and How to Avoid Them-03-14
 
Internet Security - Naga Rohit S [ IIT Guwahati ] - Coding Club & DefCon DC91...
Internet Security - Naga Rohit S [ IIT Guwahati ] - Coding Club & DefCon DC91...Internet Security - Naga Rohit S [ IIT Guwahati ] - Coding Club & DefCon DC91...
Internet Security - Naga Rohit S [ IIT Guwahati ] - Coding Club & DefCon DC91...
 
ID Theft
ID TheftID Theft
ID Theft
 
Nigerian scam
Nigerian scamNigerian scam
Nigerian scam
 
Payment Frauds in India
Payment Frauds in India Payment Frauds in India
Payment Frauds in India
 
Rules
RulesRules
Rules
 
Week7 assgn2soulivanhch
Week7 assgn2soulivanhchWeek7 assgn2soulivanhch
Week7 assgn2soulivanhch
 
The Phishing Ecosystem
The Phishing EcosystemThe Phishing Ecosystem
The Phishing Ecosystem
 
reportphishing-full-v3.pptx
reportphishing-full-v3.pptxreportphishing-full-v3.pptx
reportphishing-full-v3.pptx
 
Protecting Yourself from Cyber Threats
Protecting Yourself from Cyber ThreatsProtecting Yourself from Cyber Threats
Protecting Yourself from Cyber Threats
 
How to Avoid Crypto Scams - Crypto JBro
How to Avoid Crypto Scams - Crypto JBroHow to Avoid Crypto Scams - Crypto JBro
How to Avoid Crypto Scams - Crypto JBro
 

Más de FrankSobotka

Communicating with third party security teams
Communicating with third party security teamsCommunicating with third party security teams
Communicating with third party security teams
FrankSobotka
 
Credit card chargeback reversals
Credit card chargeback reversalsCredit card chargeback reversals
Credit card chargeback reversals
FrankSobotka
 
Credit card and payment processor descriptors
Credit card and payment processor descriptorsCredit card and payment processor descriptors
Credit card and payment processor descriptors
FrankSobotka
 
Chargeback repayment
Chargeback repaymentChargeback repayment
Chargeback repayment
FrankSobotka
 
5.17.1 fraud batch processing tool (fbt)
5.17.1 fraud batch processing tool (fbt)5.17.1 fraud batch processing tool (fbt)
5.17.1 fraud batch processing tool (fbt)
FrankSobotka
 
5.17 requesting a seizure or deposit
5.17 requesting a seizure or deposit5.17 requesting a seizure or deposit
5.17 requesting a seizure or deposit
FrankSobotka
 
5.16.5 hoax fund transfers
5.16.5 hoax fund transfers5.16.5 hoax fund transfers
5.16.5 hoax fund transfers
FrankSobotka
 
5.16.4 initial response for hoax related emails
5.16.4 initial response for hoax related emails5.16.4 initial response for hoax related emails
5.16.4 initial response for hoax related emails
FrankSobotka
 
5.16.1 handling a new hoax site
5.16.1 handling a new hoax site5.16.1 handling a new hoax site
5.16.1 handling a new hoax site
FrankSobotka
 
5.15.3.6 collusion tournament cases
5.15.3.6 collusion tournament cases5.15.3.6 collusion tournament cases
5.15.3.6 collusion tournament cases
FrankSobotka
 
5.15.3.4 collusion live cash game cases
5.15.3.4 collusion live cash game cases5.15.3.4 collusion live cash game cases
5.15.3.4 collusion live cash game cases
FrankSobotka
 
5.15.3.2 chat cheating claims in ring games
5.15.3.2 chat cheating claims in ring games5.15.3.2 chat cheating claims in ring games
5.15.3.2 chat cheating claims in ring games
FrankSobotka
 
5.15.3.1 chat cheaters in live cash games
5.15.3.1 chat cheaters in live cash games5.15.3.1 chat cheaters in live cash games
5.15.3.1 chat cheaters in live cash games
FrankSobotka
 
5.2.13 fire pay deactivations reactivations
5.2.13 fire pay deactivations reactivations5.2.13 fire pay deactivations reactivations
5.2.13 fire pay deactivations reactivations
FrankSobotka
 
5.2.5 sending fraud templates
5.2.5 sending fraud templates5.2.5 sending fraud templates
5.2.5 sending fraud templates
FrankSobotka
 
5.2.3.1 non fraudulent chip dumping
5.2.3.1 non fraudulent chip dumping5.2.3.1 non fraudulent chip dumping
5.2.3.1 non fraudulent chip dumping
FrankSobotka
 
Disputed credit card charges
Disputed credit card chargesDisputed credit card charges
Disputed credit card charges
FrankSobotka
 
Toc fraud policy and procedure manual
Toc fraud policy and procedure manualToc fraud policy and procedure manual
Toc fraud policy and procedure manual
FrankSobotka
 

Más de FrankSobotka (20)

Communicating with third party security teams
Communicating with third party security teamsCommunicating with third party security teams
Communicating with third party security teams
 
Credit card chargeback reversals
Credit card chargeback reversalsCredit card chargeback reversals
Credit card chargeback reversals
 
Credit card and payment processor descriptors
Credit card and payment processor descriptorsCredit card and payment processor descriptors
Credit card and payment processor descriptors
 
Chargeback repayment
Chargeback repaymentChargeback repayment
Chargeback repayment
 
5.17.1 fraud batch processing tool (fbt)
5.17.1 fraud batch processing tool (fbt)5.17.1 fraud batch processing tool (fbt)
5.17.1 fraud batch processing tool (fbt)
 
5.17 requesting a seizure or deposit
5.17 requesting a seizure or deposit5.17 requesting a seizure or deposit
5.17 requesting a seizure or deposit
 
5.16.5 hoax fund transfers
5.16.5 hoax fund transfers5.16.5 hoax fund transfers
5.16.5 hoax fund transfers
 
5.16.4 initial response for hoax related emails
5.16.4 initial response for hoax related emails5.16.4 initial response for hoax related emails
5.16.4 initial response for hoax related emails
 
5.16.1 handling a new hoax site
5.16.1 handling a new hoax site5.16.1 handling a new hoax site
5.16.1 handling a new hoax site
 
5.15.3.6 collusion tournament cases
5.15.3.6 collusion tournament cases5.15.3.6 collusion tournament cases
5.15.3.6 collusion tournament cases
 
5.15.3.4 collusion live cash game cases
5.15.3.4 collusion live cash game cases5.15.3.4 collusion live cash game cases
5.15.3.4 collusion live cash game cases
 
5.15.3.2 chat cheating claims in ring games
5.15.3.2 chat cheating claims in ring games5.15.3.2 chat cheating claims in ring games
5.15.3.2 chat cheating claims in ring games
 
5.15.3.1 chat cheaters in live cash games
5.15.3.1 chat cheaters in live cash games5.15.3.1 chat cheaters in live cash games
5.15.3.1 chat cheaters in live cash games
 
5.2.13 fire pay deactivations reactivations
5.2.13 fire pay deactivations reactivations5.2.13 fire pay deactivations reactivations
5.2.13 fire pay deactivations reactivations
 
5.2.5 sending fraud templates
5.2.5 sending fraud templates5.2.5 sending fraud templates
5.2.5 sending fraud templates
 
5.2.3.1 non fraudulent chip dumping
5.2.3.1 non fraudulent chip dumping5.2.3.1 non fraudulent chip dumping
5.2.3.1 non fraudulent chip dumping
 
Disputed credit card charges
Disputed credit card chargesDisputed credit card charges
Disputed credit card charges
 
5.2.1 red alerts
5.2.1 red alerts5.2.1 red alerts
5.2.1 red alerts
 
Toc fraud policy and procedure manual
Toc fraud policy and procedure manualToc fraud policy and procedure manual
Toc fraud policy and procedure manual
 
Sn gmtt
Sn gmttSn gmtt
Sn gmtt
 

Último

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 

Último (20)

How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 

Abc of hoax site investigation

  • 1. ABC of Hoax Site Investigation
  • 2. What is a Hoax/Phishing Site?  A site designed to steal passwords / numbers / sensitive information.  Disguised as a trustworthy entity so people fall for the scam
  • 3. Hoax site history at Full Tilt  First hoax site appeared back in November 2005.  A lot of money stolen in March 06.  A lot of money stolen in Sept 06, however we were able to recover 90%  Seeing a new hoax site every few days  Majority of hoax sites appear to be from the same group. Very professional.  Very few other phishing scams appear.
  • 4. Our Job  Respond to all hoax/phishing related questions.  Investigate accounts to see if they have been compromised.  Forward any accounts that have had funds stolen to Fraud Queue in Kana
  • 5. New Procedures  Handbook entry: file://///tpfs1nw/workflow$/HANDBOOK/HANDBOOK/Initial%20Response%20for%20Hoax%20Related %20Emails.html  Answer emails in Hoax Related queue  Determine if player is informant or victim  Place restrictions on account  Respond to player addressing concerns and educate them
  • 6. Email review – Victim or Informant? Case #1 ----- Original Message ----- From: TOM LOUIE To: support@sign-fulltiltpokercom Sent: Monday, February 26, 2007 5:22 PM Subject: $50000 giveaway hi, this is jenl88 again. at 2-14-2007 about 4am I was informed that two players visit try fulltiltpoker.com will get the $50000 giveaway. so I did it gave you all the informations ss # credit card # and all the informations. it said the funds will deposit to my credit card account. now I haven't get it yet. it said if I don't get it yet I should e-mail to you after 5 business days. please let me know what happen. thank you!!
  • 7. Case #1 - Victim  Apply Restrictions  Review Know100  Respond to player. In this case we would add the web address to report Social Security Number fraud. (http://www.ssa.gov/oig/hotline/index .htm)
  • 8. Email review – Victim or Informant? Case #2 To: support@fulltiltpokercom Sent: 03/03/07 8:14 PM Subject: Received this chat during tournament play… ACEPUTZ (Observer): ======================================= =System: FullTilt Poker giveaway $50,000. The first two players from this table who visit the website www.win50k-fulltiltpoker.com they will win $25,000. Hurry tilters!!! Admin : Chris Ferguson
  • 9. Case #2 - Informant  Send template XXX.XXX  We thank these players for letting us know. Tell them how much we value players like themselves here at Full Tilt Poker
  • 10. Email review – Victim or Informant? Case #3 To: security@fulltiltpokercom Sent: 03/03/07 8:17 PM Subject: scam My name is Joseph Welcome..My Full tilt nicname is anvil1765 my listed email address is anvil1765@yahoo.com. I was playing $10+1 11pm tourney game# 13906402 at table #33 when an observe names ACEPUTZ did the $50,000 give away scam....Just letting u know
  • 11. Case #3 - Informant  Send template XXX.XXX  We thank these players for letting us know. Tell them how much we value players like themselves here at Full Tilt Poker
  • 12. Email review – Victim or Informant? Case #4 To: security@fulltiltpokercom Sent: 03/03/07 8:28 PM Subject: scam I received this message while playing poker at your site. In a moment of stupidity I logged on to the site it looked like the full tilt site so I gave them my login and e-mail but did not give them my password on the next page it asked for net teller or credit card info and then I realized that I was making a mistake. Do I need to change my login?
  • 13. Case #4 – Victim  Player informed us that they didn’t give password  We do not need to place restrictions on account.  Respond to player requesting they change their password just to be safe.
  • 14. Email review – Victim or Informant? Case #5 To: security@fulltiltpokercom Sent: 03/03/07 8:28 PM Subject: Very URGENT!! Please help I went to the website, and it was full-tilt poker website, it told me that I am the second visitor and asked me for my Id and e-mail address. I filled it out and clicked next, and then it asks me for my epassporte ID and password. This is where I am right now. I want to know if this offer is legit. Please reply ASAP.
  • 15. Case #5 – Victim  Player entered PlayerID and email, and was waiting for us to respond  Assume player was impatient and entered details.  Follow standard victim procedures
  • 16. Email review – Victim or Informant? Case #6 To: security@fulltiltpokercom Sent: 03/03/07 8:28 PM Subject: possible scam This was posted in the message part of the table during tournament 13449279. I went to the site and they said congrats etc, fill out name, password, and e-mail address. I did and then it said you could not put the money in my Full tilt account and offered options like paypal. That is when I quit the process. I changed my password to my account. My screename is 2007orBust and my e-mail address is overnightllc@aol.com. Please let me know i this was a fraud and if I need to do anything further.
  • 17. Case #6 – Victim  Player entered PlayerID and email.  However they had informed us that they had changed their password. Therefore account is secure.  No need to place restrictions or reset password.  Confirm for player that this was a hoax site, and thank them for changing password.
  • 18. Reading Know100  Run a Know100 with a big threshold like 9999999  We are looking for a foreign login over the past few days. Clean logins Foreign Logins
  • 19. Evidence of chip dumping
  • 20. Restricting Account 1. Select the ‘Security & Limits’ tab in WAT 2. Check ‘No Play’, ‘No Mix, ‘No Deposit’, ‘No Transfer’, ‘No Chat’ and hit Submit and Accept. 1 2
  • 21. Reset Password  On Player Summary page, select Reset Password. Enter ‘Hoax Site Victim – Resetting Password’
  • 22. Notate account  In WAT, notate account with: “HOAX: Victim of hoax site. No foreign logins found. Reset password and placed restrictions on account. Once player emails in confirming they have changed their password, please remove restrictions.” Note: Please ensure player doesn’t have any current chat related bans.
  • 23. Sending Email  We will be using templates, however it should be customized just like every other email  If they mention a payment processor, provide their contact details.  If they say a credit card, then get them to contact their bank  Sympathize with the player  Educate with links to our identity protection page.
  • 24. Account used to spam hoax site 1. Boot player from system. 2. Notate account with: “Hoax Site victim – Used to spam hoax site” 3. Restrict account. 4. Send player an email. 5. Follow handbook to have website removed Note: Do not TRAP account. This will only cause headaches for us.
  • 25. Evidence of stolen funds  Pause account  IR the player explaining their account has been compromised and we are investigating.  Route the follow-up to the fraud queue