Business Email Compromise – Why it’s So Effective, and How to Prevent It
©2016 Guardian Analytics, Inc. Confidential & Proprietary

Guardian Analytics BEC Education Campaign
• Best Practices Kit
• Unbranded materials you can use to educate your clients
• Materials for you and your teams
• Detection
• Conversations with clients
• Example of scams
• Fraud Update on BEC
Guardian Analytics Best Practices Kit: www.GuardianAnalytics.com/BEC-FI
We’re providing materials for FIs to use internally and for them to use to educate business clients.

FBI Warning: Business Email Compromise
• Over 12,000 businesses victimized
• $1.2B in losses
• Increase of 270% from January 2015 to August 2015
• Institutions experiencing their clients victimized with increasing frequency – many seeing clients hit daily!
Latest BEC impact

Different Forms of BEC
1. Business Email Spoof
2. Business Email Hack
3. Business Email Hack / Vendor Email, Invoice Spoof
Criminal determines attack pattern based on whose email they have (CxO vs Controller/Procurement)
Focus on CxO
[Diagram labels: @Redllaw, @Redlaw, @Redlaw, Vendor, @vendorr]
Fraudsters’ preferred attack scheme depends on which email account they’re able to compromise.
  
1. CxO Masquerading – Domain Spoofing
1. Business Email Spoof (@Redllaw) → Finance Staff
• Research Target Business and Person(s): General information, Personal information, Customers/partners, Company news, Funding, Products/patents, Travel plans
• Who to target and impersonate; best message
• Create new lookalike domain (Redllaw vs. Redlaw)
Fraudsters use publicly available information to learn about the company and who they will impersonate to make the emails very believable.

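A check a mail gateway or accounts-payable team could run for the lookalike pattern on this slide (Redllaw vs. Redlaw), as an added example that is not part of the original deck. It goes slightly beyond the doubled-letter case to cover transposed letters and a trusted name embedded in a longer domain; the trusted-domain list, the `.example` names and both thresholds are assumptions.

```python
"""Added example: flag sender domains that imitate trusted ones (constructed data)."""

# Assumption: domains the business really exchanges payment email with.
TRUSTED_DOMAINS = {"redlaw.example", "vendor.example"}
MAX_DISTANCE = 2    # assumption: edits tolerated before a domain counts as unrelated
MIN_LABEL_LEN = 4   # assumption: skip very short names in the containment check


def edit_distance(a: str, b: str) -> int:
    """Optimal-string-alignment distance: insert, delete, substitute, transpose."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent transposition, e.g. "vendro" for "vendor".
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def classify_sender(address: str):
    """Return (verdict, imitated_domain) for a From/Reply-To address."""
    domain = address.rsplit("@", 1)[-1].lower().rstrip(".")
    if domain in TRUSTED_DOMAINS:
        return ("trusted", domain)
    for trusted in sorted(TRUSTED_DOMAINS):
        # Near miss: one or two character edits away from a trusted domain.
        if edit_distance(domain, trusted) <= MAX_DISTANCE:
            return ("lookalike", trusted)
        # Trusted name embedded in a different domain.
        label = trusted.split(".")[0]
        if len(label) >= MIN_LABEL_LEN and label in domain:
            return ("lookalike", trusted)
    return ("unknown", None)


# Constructed sample senders.
SAMPLE_SENDERS = [
    "ceo@redlaw.example",
    "ceo@redllaw.example",
    "billing@vendorr.example",
    "ap@redlaw-payments.example",
    "news@unrelated.example",
]

if __name__ == "__main__":
    for sender in SAMPLE_SENDERS:
        print(sender, classify_sender(sender))
```

A "lookalike" verdict on a payment request is a reason to confirm through a channel other than email before releasing funds.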
  
2. Business Email Hack – CEO Masquerading
2. Business Email Hack (@Redlaw) → Finance Staff
• Email Takeover: Phishing, Social Engineering, Breaches, Malware
• Monitor CEO email: Relationships, Common phrases, Business activities, Typical transactions, Calendar/travel
• Hide email traffic using rules: Move, Delete, Auto-forward
Fraudster studies CEO’s prior emails to make the fake email consistent with style, tone, and wording.
  
Criminal “Payload” is Changing
• Finance Staff: Wire Payment → Wire Fraud
• Finance / HR Staff: Employee/W2 info → Identity theft, Tax fraud, New account fraud
Criminals are expanding on the success of BEC to date, now asking for complete W2 files.
  
3. Supplier Masquerading – Hacked Internal Email
3. Business Email Hack / Vendor Email Spoof (@Redlaw, @vendorr, Vendor)
• Email Takeover: Phishing, Social Engineering, Breaches, Malware
• Monitor victim email: Vendors, Vendor email traffic, Relevant “jump in” point, Invoices
• Spoofed Invoice
• New supplier lookalike domain
• Use CC to fake conversations about the invoice
• Hide email traffic using rules: Move, Delete, Auto-forward
Fraudsters study vendor emails & invoices to make attack as consistent as possible with prior invoices.

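An audit for the "Hide email traffic using rules" step named on this slide and on the CEO-masquerading slide (Move, Delete, Auto-forward), as an added example that is not part of the original deck. The rule records are a constructed export format, and the domain, keyword and folder lists are assumptions to adapt to the mail platform in use.

```python
"""Added example: audit exported inbox rules for hiding behaviour (constructed data)."""
from dataclasses import dataclass

INTERNAL_DOMAINS = {"redlaw.example"}                                # assumption
SENSITIVE_TERMS = ("invoice", "wire", "payment", "vendor.example")   # assumption
LOW_VISIBILITY_FOLDERS = {"rss feeds", "conversation history", "deleted items"}  # assumption


@dataclass(frozen=True)
class InboxRule:
    mailbox: str
    name: str
    match_terms: tuple = ()   # sender/subject substrings the rule matches; empty = all mail
    move_to: str = ""
    delete: bool = False
    forward_to: tuple = ()


# Constructed rule export for two mailboxes.
RULES = [
    InboxRule("ceo@redlaw.example", ".", ("wire", "invoice"), move_to="RSS Feeds"),
    InboxRule("ceo@redlaw.example", "sync", forward_to=("box@mailer.example",)),
    InboxRule("ceo@redlaw.example", "assistant copy", forward_to=("ea@redlaw.example",)),
    InboxRule("ap@redlaw.example", "newsletters", ("news@",), move_to="Newsletters"),
    InboxRule("ap@redlaw.example", "cleanup", ("@vendor.example",), delete=True),
]


def audit(rule: InboxRule) -> list:
    """Return the hiding behaviours a single rule exhibits."""
    findings = []
    # Auto-forward: copies of mail leaving the organisation.
    external = [a for a in rule.forward_to
                if a.rsplit("@", 1)[-1].lower() not in INTERNAL_DOMAINS]
    if external:
        findings.append("forward-external")
    # A rule is sensitive if it matches all mail or names payment terms/counterparties.
    terms = [t.lower() for t in rule.match_terms]
    sensitive = not terms or any(k in t for t in terms for k in SENSITIVE_TERMS)
    # Delete: replies from the real vendor or CEO never reach the inbox.
    if sensitive and rule.delete:
        findings.append("delete-sensitive")
    # Move: mail is parked in a folder the owner rarely opens.
    if sensitive and rule.move_to.lower() in LOW_VISIBILITY_FOLDERS:
        findings.append("move-sensitive")
    return findings


def audit_all(rules) -> dict:
    """Map (mailbox, rule name) to findings, for rules with at least one finding."""
    return {(r.mailbox, r.name): f for r in rules if (f := audit(r))}


if __name__ == "__main__":
    for key, findings in audit_all(RULES).items():
        print(key, findings)
```
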
Criminals Use Simple and Complex Schemes

Simple Request
• Relies on urgency and unavailability

Email
From: CEO
Subject: Need your help – pls keep it quiet
To: Dave, Controller
Message:
Dave,
Can you please wire $56,000 to this company. I’m in a meeting right now, but you don’t need any further approvals.
If you have questions, please reply to this email. Your prompt attention to this is critical.
Thanks,
CEO

Email
From: Vendor
Subject: Invoice – New Process
To: Finance, Accounts Payable
Message:
Please find attached our latest invoice for the past billing period.
Also note that we are implementing a new payment process. Instead of how you have previously made payments, please wire the funds directly to our account. Here are the wire instructions:
Routing number: xxxxxxxxxx
Account number: xxxxxxxxxx

Complex Story
• Relies on secrecy, sense of importance
• Can result in multiple payments

Email
From: CEO
Subject: Confidential – Attorney will call
To: Dave, Controller
Message:
Dear Dave,
I would like to bring you in on something very important, but highly confidential. I would appreciate your timely support as well as your discretion, as we are not ready to tell the whole company about this – we are in the process of acquiring a company overseas. This is very strategic to our business.
I’ll be connecting you with a lawyer in London who is brokering this transaction for us. He will provide payment instructions for you.
I’m handing this project to you because I know I can trust you.
I’ll check in with you periodically.
Thanks,
CEO

Schemes are tuned to increase credibility and decrease likelihood of victim catching on.

Spoofed Vendor Payments Seen in ACH

Email
From: Vendor
Subject: Invoice – New Process
To: Finance, Accounts Payable
Message:
Please find attached our latest invoice for the past billing period.
Also note that we are implementing a new payment process. Instead of how you have previously made payments, please wire the funds directly to our account. Here are the wire instructions:
Routing number: xxxxxxxxxx
Account number: xxxxxxxxxx

Traditional: Wire
New: ACH
We’re seeing further adaptation of the scheme to be consistent with prior vendor invoices.
  
Same Day ACH – Good Target For Criminals
• Prey on urgency/immediacy
• Hard to detect amidst larger ACH volumes
• Same Day ACH likely to replace some wire volume
[Diagram: ODFI ACH Files: Morning Same Day Submission, Afternoon Same Day Submission, Standard Submission; Same Day Settlement]
Fraudsters will likely increase the use of ACH to take advantage of the speed of Same Day settlement.

BEC Victim Trends
• Variety of business types under attack
  • Title companies
  • Consulting firms
  • IT providers
  • Legal services
  • Transportation
  • Food service
  • Banks!
• Tend to have higher transactional volumes
• Businesses victimized multiple times
  • Multiple payments as part of one scheme
  • “Vendor” asking for multiple invoices
  • Multiple “vendors” (one business hit 7 times)
We’ve seen a broad range of businesses being victimized, and repeat attacks when they’re successful.

BEC Transaction Trends
• Amounts
  • Consistent with normal company amounts
  • Largest - $5MM
  • Average - $250K
• Escalating amounts
  • Case 1: $3K, $19K, $30K, $50K
  • Case 2: $8K to $80K
• Beneficiary FI and location
  • Mix of international and domestic
  • US - small CUs to largest banks
  • International – mostly Asia or Eastern Europe
• Beneficiary
  • Individual - 1/3
  • Businesses - 2/3
    • Trading and export
    • Products
    • Logistics
    • Services
    • Catering
Criminals do their homework and keep amounts consistent with prior payments.
  
Global Distribution of Wire Destinations
Attempted wires – volume of tx

Country           % of incidents
US                51.72%
China             12.64%
Hungary           8.05%
Malaysia          5.75%
Thailand          4.60%
Hong Kong         3.45%
Nigeria           3.45%
Bulgaria          1.15%
UK                1.15%
UAE               1.15%
Seychelles        1.15%
Ukraine           1.15%
Taiwan            1.15%
United Kingdom    1.15%
AU                1.15%
Poland            1.15%

The wide distribution of beneficiaries makes it difficult to detect fraudulent wires by monitoring for payments to specific destinations.

Domestic Distribution of Wire Destinations
Attempted wires – volume of tx

State    % of incidents
FL       18.75%
NY       9.38%
IN       9.38%
CA       9.38%
TX       9.38%
NC       6.25%
AZ       6.25%
GA       6.25%
MI       6.25%
SC       3.13%
WI       3.13%
MS       3.13%
ID       3.13%
CT       3.13%
OH       3.13%

Similarly for domestic wires, they’re widespread, risking high false positives for rules-based systems.

Impact of BEC Fraud On Financial Institutions
• Increased alerts to try to detect
• Increased callbacks
• Increased volume & cost of recovery
• Degradation in trust/experience
• Reputation risk
• Cost of Education
Increase in bank cost / Poor customer experience
Better fraud prevention can reduce negative impact
Even though FIs are not liable for losses, they are hit with increased costs and damaged reputation.

Why Detecting BEC is Hard
[Diagram: Spoofed CEO email / Spoofed supplier email → Legitimate user (CFO or controller) → Online, Fax, Branch → Criminal beneficiary or mule]
• Criminals do their homework on their targets and prey on urgency, sense of duty and importance
• Legitimate user logs into online banking or requests the wire (legacy ATO detection methods don’t work)
• BEC amounts within typical range of client wires
• New beneficiaries common (40% of wires to new beneficiaries)
• BEC beneficiary FIs vary (domestic, international, banks, credit unions)
Fraudulent wires from BEC are hard to detect because requestors, process and amounts are consistent with prior wires.
  
Typical Fraud Detection Not Working
[Chart: Detection Rates (Low to High) vs. Alert Volumes (Low to High)]
• Trust too little
• Know when to trust; know when NOT to trust
• Trust too much
Example rules:
• Over $100K AND international AND new recipient
• Over $100K OR international OR new recipient
FIs are having to trade off volume of false positives with friction and success rates at detecting fraudulent payments. Guardian Analytics delivers high detection with low false positives.

Knowing When To Trust, When to Raise Risk
Learn each individual originator behavior over time to determine risk
• Learn new recipient ratio, typical beneficiary patterns (i.e. keeps false positives for title companies down)
• Look to see if we can raise or lower trust of a beneficiary
  • If multiple wires to same “bene” spread out, can raise trust
  • If many in rapid succession, less trustworthy
• Use what we’ve learned from other fraud
  • Mule: Match in mule database?

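The trade-off between the two example rules on the previous slide, next to a per-originator baseline of the kind this slide describes, as an added example that is not part of the original deck and not Guardian Analytics' scoring model. All wires are constructed, and the thresholds (5x median amount, 0.5 new-recipient ratio, 7-day spacing, score of 2) are assumptions.

```python
"""Added example: AND rule vs. OR rule vs. per-originator baseline (constructed data)."""
from dataclasses import dataclass
from statistics import median


@dataclass(frozen=True)
class Wire:
    originator: str
    beneficiary: str
    amount: float
    international: bool
    day: int              # position on a constructed timeline
    fraud: bool = False   # ground truth, known only because the data is constructed


# Constructed history: a title company that pays a new party on every wire,
# and an IT services firm that pays two known suppliers small amounts.
HISTORY = (
    [Wire("title_co", f"party-{i}", amt, False, 3 + 7 * i)
     for i, amt in enumerate([150_000, 220_000, 180_000, 310_000, 125_000, 260_000])]
    + [Wire("it_co", bene, amt, False, day) for bene, amt, day in [
        ("isp", 400, 1), ("hosting", 900, 5), ("isp", 650, 31),
        ("hosting", 1_000, 35), ("isp", 750, 61), ("hosting", 500, 65)]]
)

# Constructed wires to score on day 90; two are BEC-style payments.
CANDIDATES = [
    Wire("title_co", "party-90", 240_000, False, 90),
    Wire("title_co", "party-91", 135_000, False, 90),
    Wire("it_co", "hosting", 800, False, 90),
    Wire("it_co", "new-individual", 20_000, False, 90, fraud=True),
    Wire("title_co", "overseas-broker", 2_871_000, True, 90, fraud=True),
]


def is_new(w, history):
    return all(h.beneficiary != w.beneficiary
               for h in history if h.originator == w.originator)


def rule_and(w, history):
    return w.amount > 100_000 and w.international and is_new(w, history)


def rule_or(w, history):
    return w.amount > 100_000 or w.international or is_new(w, history)


def beneficiary_trust(prior_days):
    """+1 if three or more prior wires are spread out, -1 if in rapid succession."""
    if len(prior_days) < 3:
        return 0
    days = sorted(prior_days)
    if min(b - a for a, b in zip(days, days[1:])) >= 7:
        return 1
    return -1 if days[-1] - days[0] <= 2 else 0


def behavioral_score(w, history):
    own = sorted((h for h in history if h.originator == w.originator),
                 key=lambda h: h.day)
    if not own:
        return 2  # no baseline yet: send to review
    score = 2 if w.amount > 5 * median(h.amount for h in own) else 0
    seen, first_time = set(), 0
    for h in own:
        first_time += h.beneficiary not in seen
        seen.add(h.beneficiary)
    # A new recipient is only surprising for originators who rarely add one.
    if w.beneficiary not in seen and first_time / len(own) < 0.5:
        score += 1
    if w.international and not any(h.international for h in own):
        score += 1
    return score - beneficiary_trust(
        [h.day for h in own if h.beneficiary == w.beneficiary])


def behavioral_flag(w, history, threshold=2):
    return behavioral_score(w, history) >= threshold


def evaluate(flag):
    flagged = [w for w in CANDIDATES if flag(w, HISTORY)]
    caught = sum(w.fraud for w in flagged)
    return {"alerts": len(flagged), "fraud_caught": caught,
            "false_positives": len(flagged) - caught}


if __name__ == "__main__":
    for name, flag in [("AND", rule_and), ("OR", rule_or), ("baseline", behavioral_flag)]:
        print(name, evaluate(flag))
```

On this data the AND rule misses the $20,000 wire from an originator whose wires are normally under $1,000, while the OR rule alerts on the title company's routine six-figure wires to new parties.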
100+ Wire Attributes Analyzed
AddendaAddendaLength DisplayFields IntermediateFIName PaymentNotificationIndicator
AddendaInformation DrawdownCreditAccount IntermediateFIStateProvince ReceiverFIName
Amount DrawdownDebitAccount OBI ReceiverFIAddress1
AmountCurrencyCode DrawdownDebitAccountAdviceInfoAdditionalInfo OMADOutputCycleDate ReceiverFIAddress2
BBI DrawdownDebitAccountAdviceInfoAdviceCode OMADOutputDate ReceiverFIAddress3
BeneAddress1 ExchangeRate OMADOutputDestinationID ReceiverFICountryCode
BeneAddress2 IMADInputCycleDate OMADOutputSequenceNumber ReceiverFIIDCode
BeneAddress3 IMADInputSequenceNumber OMADOutputTime ReceiverFIID
BeneCountryCode IMADInputSource OrigAddress1 ReceiverFIName
BeneFIAddress1 ImmutableCompanyID OrigAddress2 ReceiverFIStateProvince
BeneFIAddress2 ImmutableUserID OrigAddress3 Recurrence
BeneFIAddress3 InstructedAmount OrigCountryCode RepeatRequest
BeneficiaryAdviceInfoAdditionalInfo InstructedCurrencyCode OrigFIAddress1 RequestID
BeneficiaryAdviceInfoAdviceCode InstructingFIAddress1 OrigFIAddress2 SenderFI
BeneficiaryFIAdviceInfoAdditionalInfo InstructingFIAddress2 OrigFIAddress3 SenderFIAddress1
BeneficiaryFIAdviceInfoAdviceCode InstructingFIAddress3 OrigFICountryCode SenderFIAddress2
BeneFICountryCode InstructingFICountryCode OrigFIID SenderFIAddress3
BeneFIID InstructingFIID OrigFIIDCode SenderFICountryCode
BeneFIIDCode InstructingFIIDCode OrigFIName SenderFIIDCode
BeneFIName InstructingFIName OrigFIStateProvince SenderFIID
BeneFIStateProvince InstructingFIStateProvince OrigIDCode SenderFIName
BeneIDCode IntermediateFIAddress1 OrigName SenderFIStateProvince
BeneIdentifier IntermediateFIAddress2 OrigStateProvince SenderReference
BeneName IntermediateFIAddress3 PaymentNotificationContactFaxNumber SettlementMethod
BeneReference IntermediateFIAdviceInfoAdditionalInfo PaymentNotificationContactMobileNumber Source
BeneStateProvince IntermediateFIAdviceInfoAdviceCode PaymentNotificationContactName Status
BusinessFunctionCode IntermediateFICountryCode PaymentNotificationContactNotificationElectronicAddress Type_Subtype
DestinationType IntermediateFIID PaymentNotificationContactPhoneNumber SubType
Direction IntermediateFIIDCode PaymentNotificationEndToEndIdentification TemplateName
DisplayFields TransferDate
DrawdownCreditAccount Type
DrawdownDebitAccount WireID
We analyze 100+ aspects of client behavior. Risk is scored based on combinations of activities.
  
Guardian Analytics Wire Finds Unusual Wires
Wire Behavioral Analytics (100+ attributes from wire system)
Originator Model
• Would beneficiary be expected? (new beneficiary ratio, beneficiary and FI location/region)
• Are the originator’s wire actions normal? (timing, velocity, type, accounts, direction, use of instructions, content of instructions)
• Are the wires typical? (type, amount)
Beneficiary Model: Cross-institution risk data (Network effect)
• Is this a high or low risk beneficiary? (beneficiary history with other originators, name/account number match, suspected mule)
Self learning
• No rules to write
• Not threat specific
• Adapts to new threat
• Automatic updates to analytics
Our solution answers behavioral questions that indicate what is normal vs. suspicious behavior.

Real-time Risk Scoring and Intervention
• Initiate Wire: Mobile, Branch, Contact Center, Online, File upload
• Wire System: wire comes in; payment fields immediately sent to Guardian Analytics for analysis
• Guardian Analytics Wire: analyze 30+ fields and nearly 75 attributes from PAYPlus
• Risk score and hold/release instructions returned immediately to wire system (scores shown: 9.2 Hold, 2.2 Release)
• Review Alerts: Release/cancel
• Send to Fed
Every wire is risk scored. Automatic release of low-risk wires allows analysts to focus their time on investigating the small number of high-risk payments.
  
Guardian Analytics Wire Successfully Detects BEC
Columns: Attack 1; Attack 2; Attack 3; Attack 4; Attack 5
• Beneficiary FI: AZ-based CU; Large national bank; Large national bank; Large International bank; Chinese bank
• Beneficiary Location: AZ (previously sent wires to many states, and other countries); NY (previously sent wires to TX, WI); Hong Kong (had done US and UK wires in the past); China (history of US wires only)
• Beneficiary: Individual; Individual; Individual; Business; Business
• Originator Velocity: First wire in four months
• OBI Frequency: Infrequent or new or use of OBI
• Originator Amount: $39K; $20K (most wires 0-$1000); $73K; $125K; $2,871,000, $4,950,000, $4,850,000, $4,969,000
• Originator Description: Frequent wire sender – IT Services Company; Frequent wire sender – Title Company; Sporadic wire sender – Legal Services; Frequent wire sender – Transportation Services; Frequent wire sender – Title Company
Observations:
• No one bank pattern – US/international, large/small, bank/CU
• No one location pattern
• Combination of business and individual
• Mixed use of instructions
• Amount often within range of typical behavior
• Could be single or multiple hits
Attacks have a wide range of variation, making BEC attacks difficult to detect with rules.
  
Accurate Detection, Low Alert Volume
• The combination of specific attributes of this wire was unusual and untrusted, and yielded a red alert
Guardian Analytics provides complete and consolidated view of account history

Accurate Detection, Low Alert Volume
• The combination of specific attributes of this wire was unusual and untrusted, and yielded a red alert
• Note that behavioral deviations are expected and do not yield red alerts (top row)
• Note the variation in wire amount did not trigger a false-positive as FraudMAP recognized combined behavior as normal

You’ve Detected It – Now On To the Client…
• Be prepared with details, be prepared to spend time with the business
• Start like normal verification call; get customer talking
• Help them to see why you’re suspicious
• Explain the scams
• Probe into the situation – ask if they received the request via email, ask for key words
• Push for non-email based confirmation
• Remind them you’re there to help
• Redirect the emotion – focus on the pain of the business losing money
Be prepared for what can be a difficult call with a victimized client.
  
Impact of BEC Fraud On Financial Institutions
• Cost of Education
• Reduced alerts
• Reduced callbacks
• Increased detection, less recovery
• Increase in trust, enhanced experience
Decrease in costs / Increase in Trust
By improving their ability to detect BEC attacks, FIs will reduce costs and increase trust.
  
Guardian Analytics Successes with BEC

Bank with ~4,000 wires per day
• Fraud prevented: $19M in two months
• Efficiency gains: Reduced reviews to only wires flagged by Guardian Analytics, all else automatically processed (50-100 wires/day)
• Client experience: Reduced callbacks; reduction in alerts freed time for deeper client discussion of likely BEC attacks

Bank with ~1,500 wires per day
• Fraud prevented: $500K in six months
• Efficiency gains: Previously held all online wires (250/day). Guardian Analytics scores all 1500 wires/day, but holds only 75 from any channel, reducing bank effort by 70%
• Client experience: Faster processing; fewer callbacks (1-5/day)

Guardian Analytics Wire Benefits
• Accurate detection with low alert rates
• Reduction in false positives reduces overall workload and creates time for banks to spend with customers
• Better client experience
• Reduction of time spent on paperwork and funds retrieval
• Reduced risk of lawsuits, reputation issues
• Build deep client satisfaction and loyalty

Solutions to Detect Fraud Across Channels and Transactions
• Guardian Risk Engine
• Guardian Solutions
• Guardian Enterprise API
• Guardian Visual Analytics
We offer behavior-based solutions across channels and payment types, plus an API to incorporate proprietary data. The Risk Engine calculates risk scores that are presented through our visual analytics.

For More Information
• Email info@GuardianAnalytics.com
  • Request a one-on-one briefing
• Visit www.GuardianAnalytics.com
  • Sign up for a demo
  • Sign up for our monthly Fraud Updates
• Download BEC Best Practices
  • www.GuardianAnalytics.com/BEC-FI
• Watch the recording of this webinar
  • http://info.guardiananalytics.com/BECWebinar-Mar2016-reg.html

Business Email Compromise – Why it’s So Effective, and How to Prevent It
Thank You!

 
ISMG - Fighting Business Email Compromise
ISMG - Fighting Business Email CompromiseISMG - Fighting Business Email Compromise
ISMG - Fighting Business Email Compromise
 
Being the best cybersecurity strategy - Failing Forward
Being the best cybersecurity strategy - Failing ForwardBeing the best cybersecurity strategy - Failing Forward
Being the best cybersecurity strategy - Failing Forward
 
Cyber security report 2017 cisco 2017 acr_pdf
Cyber security report 2017 cisco 2017 acr_pdfCyber security report 2017 cisco 2017 acr_pdf
Cyber security report 2017 cisco 2017 acr_pdf
 
Cyber Crime Threat Landscape - A Focus on the Financial Industry
Cyber Crime Threat Landscape - A Focus on the Financial IndustryCyber Crime Threat Landscape - A Focus on the Financial Industry
Cyber Crime Threat Landscape - A Focus on the Financial Industry
 
Dosier nazis beiras bng castellano
Dosier nazis beiras bng castellanoDosier nazis beiras bng castellano
Dosier nazis beiras bng castellano
 
Bondia.cat 05/06/2014
Bondia.cat 05/06/2014Bondia.cat 05/06/2014
Bondia.cat 05/06/2014
 
Importancia del #CommunityManager para el #ecommerce
Importancia del #CommunityManager para el #ecommerceImportancia del #CommunityManager para el #ecommerce
Importancia del #CommunityManager para el #ecommerce
 
Luois Alban Batard Dupré | Connecthings - Taller Internet of Things Smash Tec...
Luois Alban Batard Dupré | Connecthings - Taller Internet of Things Smash Tec...Luois Alban Batard Dupré | Connecthings - Taller Internet of Things Smash Tec...
Luois Alban Batard Dupré | Connecthings - Taller Internet of Things Smash Tec...
 
You 2.0
You 2.0You 2.0
You 2.0
 
Guia turistica sabadell
Guia turistica sabadellGuia turistica sabadell
Guia turistica sabadell
 
CALENDARIO OFICIAL BENJAMÍN 2º - 8º TORNEO PRIMER TOQUE
CALENDARIO OFICIAL BENJAMÍN 2º - 8º TORNEO PRIMER TOQUECALENDARIO OFICIAL BENJAMÍN 2º - 8º TORNEO PRIMER TOQUE
CALENDARIO OFICIAL BENJAMÍN 2º - 8º TORNEO PRIMER TOQUE
 
Presentation
PresentationPresentation
Presentation
 
Pro Archives Systemes Zimbabawe-Profile
Pro Archives Systemes Zimbabawe-ProfilePro Archives Systemes Zimbabawe-Profile
Pro Archives Systemes Zimbabawe-Profile
 
Ash domah detailed cv award winning financial controller-5f
Ash domah detailed cv  award winning financial controller-5fAsh domah detailed cv  award winning financial controller-5f
Ash domah detailed cv award winning financial controller-5f
 
Do It Yourself: Space. How You Are Building Things That Can Fly in Space
Do It Yourself: Space. How You Are Building Things That Can Fly in SpaceDo It Yourself: Space. How You Are Building Things That Can Fly in Space
Do It Yourself: Space. How You Are Building Things That Can Fly in Space
 
Modelo de educación histórica
Modelo de educación históricaModelo de educación histórica
Modelo de educación histórica
 
Efectividad de la terapia familiar sistémica
Efectividad de la terapia familiar sistémicaEfectividad de la terapia familiar sistémica
Efectividad de la terapia familiar sistémica
 
Separata práctica del
Separata práctica delSeparata práctica del
Separata práctica del
 

Similar to Business Email Compromise Scam

Finance in the South West 2018 - Start Up Session
Finance in the South West 2018 - Start Up SessionFinance in the South West 2018 - Start Up Session
Finance in the South West 2018 - Start Up SessionPKF Francis Clark
 
Marketing Cloud - Partner Office Hour (August 18, 2015)
Marketing Cloud - Partner Office Hour (August 18, 2015)Marketing Cloud - Partner Office Hour (August 18, 2015)
Marketing Cloud - Partner Office Hour (August 18, 2015)Salesforce Partners
 
Preventing Fraud with a Multi-Channel Approach
Preventing Fraud with a Multi-Channel ApproachPreventing Fraud with a Multi-Channel Approach
Preventing Fraud with a Multi-Channel ApproachLaurent Pacalin
 
O365Engage17 - Protecting your Users Against Email Spoofing and Phishing
O365Engage17 - Protecting your Users Against Email Spoofing and PhishingO365Engage17 - Protecting your Users Against Email Spoofing and Phishing
O365Engage17 - Protecting your Users Against Email Spoofing and PhishingNCCOMMS
 
Detecting Corporate Fraud: Tips from a Crook and a Sleuth by Roddy Boyd and S...
Detecting Corporate Fraud: Tips from a Crook and a Sleuth by Roddy Boyd and S...Detecting Corporate Fraud: Tips from a Crook and a Sleuth by Roddy Boyd and S...
Detecting Corporate Fraud: Tips from a Crook and a Sleuth by Roddy Boyd and S...Reynolds Center for Business Journalism
 
B2B DATA: You Don't Have to Love it, But Don't Ignore it
B2B DATA: You Don't Have to Love it, But Don't Ignore itB2B DATA: You Don't Have to Love it, But Don't Ignore it
B2B DATA: You Don't Have to Love it, But Don't Ignore itamdia
 
Preventing Fraud with a Multi-Channel Approach
Preventing Fraud with a Multi-Channel ApproachPreventing Fraud with a Multi-Channel Approach
Preventing Fraud with a Multi-Channel ApproachGuardian Analytics
 
7 Days of Playing Minesweeper, or How to Shut Down Whistleblower Defense with...
7 Days of Playing Minesweeper, or How to Shut Down Whistleblower Defense with...7 Days of Playing Minesweeper, or How to Shut Down Whistleblower Defense with...
7 Days of Playing Minesweeper, or How to Shut Down Whistleblower Defense with...Evention
 
2017-01-23-Regulatory Compliance Watch - 6 Cybersecurity for Financial Servic...
2017-01-23-Regulatory Compliance Watch - 6 Cybersecurity for Financial Servic...2017-01-23-Regulatory Compliance Watch - 6 Cybersecurity for Financial Servic...
2017-01-23-Regulatory Compliance Watch - 6 Cybersecurity for Financial Servic...Raj Goel
 
GreenFlag Presentation
GreenFlag PresentationGreenFlag Presentation
GreenFlag Presentationpmicomm
 
Cap Tech Talks Webinar April=l 2020 business email cybersecurity
Cap Tech Talks Webinar April=l 2020 business email cybersecurity Cap Tech Talks Webinar April=l 2020 business email cybersecurity
Cap Tech Talks Webinar April=l 2020 business email cybersecurity Bill Gibbs
 
Growing a SaaS Business
Growing a SaaS BusinessGrowing a SaaS Business
Growing a SaaS BusinessIntelligent_ly
 
Business West - Finance Factor
Business West - Finance FactorBusiness West - Finance Factor
Business West - Finance Factoramievaughan
 
InvoiceInterchange – Introduction to InvoiceTrading
InvoiceInterchange – Introduction to InvoiceTradingInvoiceInterchange – Introduction to InvoiceTrading
InvoiceInterchange – Introduction to InvoiceTradingnalinee_c1
 
Commercial Financing Mastery 101
Commercial Financing Mastery 101Commercial Financing Mastery 101
Commercial Financing Mastery 101Sua Truong
 

Similar to Business Email Compromise Scam (20)

BBB October 2018 Market Monitor
BBB October 2018 Market Monitor BBB October 2018 Market Monitor
BBB October 2018 Market Monitor
 
Finance in the South West 2018 - Start Up Session
Finance in the South West 2018 - Start Up SessionFinance in the South West 2018 - Start Up Session
Finance in the South West 2018 - Start Up Session
 
Marketing Cloud - Partner Office Hour (August 18, 2015)
Marketing Cloud - Partner Office Hour (August 18, 2015)Marketing Cloud - Partner Office Hour (August 18, 2015)
Marketing Cloud - Partner Office Hour (August 18, 2015)
 
Preventing Fraud with a Multi-Channel Approach
Preventing Fraud with a Multi-Channel ApproachPreventing Fraud with a Multi-Channel Approach
Preventing Fraud with a Multi-Channel Approach
 
BBB Market Monitor: June 2023
BBB Market Monitor: June 2023BBB Market Monitor: June 2023
BBB Market Monitor: June 2023
 
O365Engage17 - Protecting your Users Against Email Spoofing and Phishing
O365Engage17 - Protecting your Users Against Email Spoofing and PhishingO365Engage17 - Protecting your Users Against Email Spoofing and Phishing
O365Engage17 - Protecting your Users Against Email Spoofing and Phishing
 
BBB Market Monitor: October 2019
BBB Market Monitor: October 2019 BBB Market Monitor: October 2019
BBB Market Monitor: October 2019
 
Detecting Corporate Fraud: Tips from a Crook and a Sleuth by Roddy Boyd and S...
Detecting Corporate Fraud: Tips from a Crook and a Sleuth by Roddy Boyd and S...Detecting Corporate Fraud: Tips from a Crook and a Sleuth by Roddy Boyd and S...
Detecting Corporate Fraud: Tips from a Crook and a Sleuth by Roddy Boyd and S...
 
B2B DATA: You Don't Have to Love it, But Don't Ignore it
B2B DATA: You Don't Have to Love it, But Don't Ignore itB2B DATA: You Don't Have to Love it, But Don't Ignore it
B2B DATA: You Don't Have to Love it, But Don't Ignore it
 
Preventing Fraud with a Multi-Channel Approach
Preventing Fraud with a Multi-Channel ApproachPreventing Fraud with a Multi-Channel Approach
Preventing Fraud with a Multi-Channel Approach
 
7 Days of Playing Minesweeper, or How to Shut Down Whistleblower Defense with...
7 Days of Playing Minesweeper, or How to Shut Down Whistleblower Defense with...7 Days of Playing Minesweeper, or How to Shut Down Whistleblower Defense with...
7 Days of Playing Minesweeper, or How to Shut Down Whistleblower Defense with...
 
2017-01-23-Regulatory Compliance Watch - 6 Cybersecurity for Financial Servic...
2017-01-23-Regulatory Compliance Watch - 6 Cybersecurity for Financial Servic...2017-01-23-Regulatory Compliance Watch - 6 Cybersecurity for Financial Servic...
2017-01-23-Regulatory Compliance Watch - 6 Cybersecurity for Financial Servic...
 
GreenFlag Presentation
GreenFlag PresentationGreenFlag Presentation
GreenFlag Presentation
 
Cap Tech Talks Webinar April=l 2020 business email cybersecurity
Cap Tech Talks Webinar April=l 2020 business email cybersecurity Cap Tech Talks Webinar April=l 2020 business email cybersecurity
Cap Tech Talks Webinar April=l 2020 business email cybersecurity
 
Growing a SaaS Business
Growing a SaaS BusinessGrowing a SaaS Business
Growing a SaaS Business
 
BBB August Newsletter
BBB August NewsletterBBB August Newsletter
BBB August Newsletter
 
Business West - Finance Factor
Business West - Finance FactorBusiness West - Finance Factor
Business West - Finance Factor
 
InvoiceInterchange – Introduction to InvoiceTrading
InvoiceInterchange – Introduction to InvoiceTradingInvoiceInterchange – Introduction to InvoiceTrading
InvoiceInterchange – Introduction to InvoiceTrading
 
Commercial Financing Mastery 101
Commercial Financing Mastery 101Commercial Financing Mastery 101
Commercial Financing Mastery 101
 
BBB Market Monitor: June 2022
BBB Market Monitor: June 2022BBB Market Monitor: June 2022
BBB Market Monitor: June 2022
 

More from Guardian Analytics

Preventing ATO in a Post-Equifax Breach World
Preventing ATO in a Post-Equifax Breach WorldPreventing ATO in a Post-Equifax Breach World
Preventing ATO in a Post-Equifax Breach WorldGuardian Analytics
 
Behavioral Analytics for Preventing Fraud Today and Tomorrow
Behavioral Analytics for Preventing Fraud Today and TomorrowBehavioral Analytics for Preventing Fraud Today and Tomorrow
Behavioral Analytics for Preventing Fraud Today and TomorrowGuardian Analytics
 
New Requirements of Fraud Prevention
New Requirements of Fraud PreventionNew Requirements of Fraud Prevention
New Requirements of Fraud PreventionGuardian Analytics
 
Infographic: New Requirements of Fraud Prevention
Infographic: New Requirements of Fraud PreventionInfographic: New Requirements of Fraud Prevention
Infographic: New Requirements of Fraud PreventionGuardian Analytics
 
New! Omni-Channel Fraud Prevention
New! Omni-Channel Fraud Prevention New! Omni-Channel Fraud Prevention
New! Omni-Channel Fraud Prevention Guardian Analytics
 

More from Guardian Analytics (7)

Preventing ATO in a Post-Equifax Breach World
Preventing ATO in a Post-Equifax Breach WorldPreventing ATO in a Post-Equifax Breach World
Preventing ATO in a Post-Equifax Breach World
 
Behavioral Analytics for Preventing Fraud Today and Tomorrow
Behavioral Analytics for Preventing Fraud Today and TomorrowBehavioral Analytics for Preventing Fraud Today and Tomorrow
Behavioral Analytics for Preventing Fraud Today and Tomorrow
 
New Requirements of Fraud Prevention
New Requirements of Fraud PreventionNew Requirements of Fraud Prevention
New Requirements of Fraud Prevention
 
Infographic: New Requirements of Fraud Prevention
Infographic: New Requirements of Fraud PreventionInfographic: New Requirements of Fraud Prevention
Infographic: New Requirements of Fraud Prevention
 
How Do You View Fraud Risk?
How Do You View Fraud Risk? How Do You View Fraud Risk?
How Do You View Fraud Risk?
 
New! Omni-Channel Fraud Prevention
New! Omni-Channel Fraud Prevention New! Omni-Channel Fraud Prevention
New! Omni-Channel Fraud Prevention
 
ACH Payments - Banking Fraud
ACH Payments - Banking FraudACH Payments - Banking Fraud
ACH Payments - Banking Fraud
 

Recently uploaded

falcon-invoice-discounting-unlocking-prime-investment-opportunities
falcon-invoice-discounting-unlocking-prime-investment-opportunitiesfalcon-invoice-discounting-unlocking-prime-investment-opportunities
falcon-invoice-discounting-unlocking-prime-investment-opportunitiesFalcon Invoice Discounting
 
( Jasmin ) Top VIP Escorts Service Dindigul 💧 7737669865 💧 by Dindigul Call G...
( Jasmin ) Top VIP Escorts Service Dindigul 💧 7737669865 💧 by Dindigul Call G...( Jasmin ) Top VIP Escorts Service Dindigul 💧 7737669865 💧 by Dindigul Call G...
( Jasmin ) Top VIP Escorts Service Dindigul 💧 7737669865 💧 by Dindigul Call G...dipikadinghjn ( Why You Choose Us? ) Escorts
 
VIP Independent Call Girls in Mira Bhayandar 🌹 9920725232 ( Call Me ) Mumbai ...
VIP Independent Call Girls in Mira Bhayandar 🌹 9920725232 ( Call Me ) Mumbai ...VIP Independent Call Girls in Mira Bhayandar 🌹 9920725232 ( Call Me ) Mumbai ...
VIP Independent Call Girls in Mira Bhayandar 🌹 9920725232 ( Call Me ) Mumbai ...dipikadinghjn ( Why You Choose Us? ) Escorts
 
Technology industry / Finnish economic outlook
Technology industry / Finnish economic outlookTechnology industry / Finnish economic outlook
Technology industry / Finnish economic outlookTechFinland
 
VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...
VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...
VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...dipikadinghjn ( Why You Choose Us? ) Escorts
 
VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...
VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...
VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...dipikadinghjn ( Why You Choose Us? ) Escorts
 
Lion One Corporate Presentation May 2024
Lion One Corporate Presentation May 2024Lion One Corporate Presentation May 2024
Lion One Corporate Presentation May 2024Adnet Communications
 
Navi Mumbai Cooperetive Housewife Call Girls-9833754194-Natural Panvel Enjoye...
Navi Mumbai Cooperetive Housewife Call Girls-9833754194-Natural Panvel Enjoye...Navi Mumbai Cooperetive Housewife Call Girls-9833754194-Natural Panvel Enjoye...
Navi Mumbai Cooperetive Housewife Call Girls-9833754194-Natural Panvel Enjoye...priyasharma62062
 
7 tips trading Deriv Accumulator Options
7 tips trading Deriv Accumulator Options7 tips trading Deriv Accumulator Options
7 tips trading Deriv Accumulator OptionsVince Stanzione
 
Cybersecurity Threats in Financial Services Protection.pptx
Cybersecurity Threats in  Financial Services Protection.pptxCybersecurity Threats in  Financial Services Protection.pptx
Cybersecurity Threats in Financial Services Protection.pptxLumiverse Solutions Pvt Ltd
 
Best VIP Call Girls Morni Hills Just Click Me 6367492432
Best VIP Call Girls Morni Hills Just Click Me 6367492432Best VIP Call Girls Morni Hills Just Click Me 6367492432
Best VIP Call Girls Morni Hills Just Click Me 6367492432motiram463
 
Vasai-Virar High Profile Model Call Girls📞9833754194-Nalasopara Satisfy Call ...
Vasai-Virar High Profile Model Call Girls📞9833754194-Nalasopara Satisfy Call ...Vasai-Virar High Profile Model Call Girls📞9833754194-Nalasopara Satisfy Call ...
Vasai-Virar High Profile Model Call Girls📞9833754194-Nalasopara Satisfy Call ...priyasharma62062
 
Call Girls Banaswadi Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
Call Girls Banaswadi Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...Call Girls Banaswadi Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
Call Girls Banaswadi Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...amitlee9823
 
Kopar Khairane Russian Call Girls Number-9833754194-Navi Mumbai Fantastic Unl...
Kopar Khairane Russian Call Girls Number-9833754194-Navi Mumbai Fantastic Unl...Kopar Khairane Russian Call Girls Number-9833754194-Navi Mumbai Fantastic Unl...
Kopar Khairane Russian Call Girls Number-9833754194-Navi Mumbai Fantastic Unl...priyasharma62062
 
VIP Call Girl in Mumbai Central 💧 9920725232 ( Call Me ) Get A New Crush Ever...
VIP Call Girl in Mumbai Central 💧 9920725232 ( Call Me ) Get A New Crush Ever...VIP Call Girl in Mumbai Central 💧 9920725232 ( Call Me ) Get A New Crush Ever...
VIP Call Girl in Mumbai Central 💧 9920725232 ( Call Me ) Get A New Crush Ever...dipikadinghjn ( Why You Choose Us? ) Escorts
 
Stock Market Brief Deck (Under Pressure).pdf
Stock Market Brief Deck (Under Pressure).pdfStock Market Brief Deck (Under Pressure).pdf
Stock Market Brief Deck (Under Pressure).pdfMichael Silva
 
Business Principles, Tools, and Techniques in Participating in Various Types...
Business Principles, Tools, and Techniques  in Participating in Various Types...Business Principles, Tools, and Techniques  in Participating in Various Types...
Business Principles, Tools, and Techniques in Participating in Various Types...jeffreytingson
 
20240419-SMC-submission-Annual-Superannuation-Performance-Test-–-design-optio...
20240419-SMC-submission-Annual-Superannuation-Performance-Test-–-design-optio...20240419-SMC-submission-Annual-Superannuation-Performance-Test-–-design-optio...
20240419-SMC-submission-Annual-Superannuation-Performance-Test-–-design-optio...Henry Tapper
 

Recently uploaded (20)

falcon-invoice-discounting-unlocking-prime-investment-opportunities
falcon-invoice-discounting-unlocking-prime-investment-opportunitiesfalcon-invoice-discounting-unlocking-prime-investment-opportunities
falcon-invoice-discounting-unlocking-prime-investment-opportunities
 
( Jasmin ) Top VIP Escorts Service Dindigul 💧 7737669865 💧 by Dindigul Call G...
( Jasmin ) Top VIP Escorts Service Dindigul 💧 7737669865 💧 by Dindigul Call G...( Jasmin ) Top VIP Escorts Service Dindigul 💧 7737669865 💧 by Dindigul Call G...
( Jasmin ) Top VIP Escorts Service Dindigul 💧 7737669865 💧 by Dindigul Call G...
 
VIP Independent Call Girls in Mira Bhayandar 🌹 9920725232 ( Call Me ) Mumbai ...
VIP Independent Call Girls in Mira Bhayandar 🌹 9920725232 ( Call Me ) Mumbai ...VIP Independent Call Girls in Mira Bhayandar 🌹 9920725232 ( Call Me ) Mumbai ...
VIP Independent Call Girls in Mira Bhayandar 🌹 9920725232 ( Call Me ) Mumbai ...
 
Technology industry / Finnish economic outlook
Technology industry / Finnish economic outlookTechnology industry / Finnish economic outlook
Technology industry / Finnish economic outlook
 
VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...
VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...
VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...
 
VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...
VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...
VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...
 
Lion One Corporate Presentation May 2024
Lion One Corporate Presentation May 2024Lion One Corporate Presentation May 2024
Lion One Corporate Presentation May 2024
 
Navi Mumbai Cooperetive Housewife Call Girls-9833754194-Natural Panvel Enjoye...
Navi Mumbai Cooperetive Housewife Call Girls-9833754194-Natural Panvel Enjoye...Navi Mumbai Cooperetive Housewife Call Girls-9833754194-Natural Panvel Enjoye...
Navi Mumbai Cooperetive Housewife Call Girls-9833754194-Natural Panvel Enjoye...
 
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
 
7 tips trading Deriv Accumulator Options
7 tips trading Deriv Accumulator Options7 tips trading Deriv Accumulator Options
7 tips trading Deriv Accumulator Options
 
Cybersecurity Threats in Financial Services Protection.pptx
Cybersecurity Threats in  Financial Services Protection.pptxCybersecurity Threats in  Financial Services Protection.pptx
Cybersecurity Threats in Financial Services Protection.pptx
 
Best VIP Call Girls Morni Hills Just Click Me 6367492432
Best VIP Call Girls Morni Hills Just Click Me 6367492432Best VIP Call Girls Morni Hills Just Click Me 6367492432
Best VIP Call Girls Morni Hills Just Click Me 6367492432
 
Vasai-Virar High Profile Model Call Girls📞9833754194-Nalasopara Satisfy Call ...
Vasai-Virar High Profile Model Call Girls📞9833754194-Nalasopara Satisfy Call ...Vasai-Virar High Profile Model Call Girls📞9833754194-Nalasopara Satisfy Call ...
Vasai-Virar High Profile Model Call Girls📞9833754194-Nalasopara Satisfy Call ...
 
Call Girls Banaswadi Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
Call Girls Banaswadi Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...Call Girls Banaswadi Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
Call Girls Banaswadi Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
 
Kopar Khairane Russian Call Girls Number-9833754194-Navi Mumbai Fantastic Unl...
Kopar Khairane Russian Call Girls Number-9833754194-Navi Mumbai Fantastic Unl...Kopar Khairane Russian Call Girls Number-9833754194-Navi Mumbai Fantastic Unl...
Kopar Khairane Russian Call Girls Number-9833754194-Navi Mumbai Fantastic Unl...
 
VIP Call Girl in Mumbai Central 💧 9920725232 ( Call Me ) Get A New Crush Ever...
VIP Call Girl in Mumbai Central 💧 9920725232 ( Call Me ) Get A New Crush Ever...VIP Call Girl in Mumbai Central 💧 9920725232 ( Call Me ) Get A New Crush Ever...
VIP Call Girl in Mumbai Central 💧 9920725232 ( Call Me ) Get A New Crush Ever...
 
Stock Market Brief Deck (Under Pressure).pdf
Stock Market Brief Deck (Under Pressure).pdfStock Market Brief Deck (Under Pressure).pdf
Stock Market Brief Deck (Under Pressure).pdf
 
From Luxury Escort Service Kamathipura : 9352852248 Make on-demand Arrangemen...
From Luxury Escort Service Kamathipura : 9352852248 Make on-demand Arrangemen...From Luxury Escort Service Kamathipura : 9352852248 Make on-demand Arrangemen...
From Luxury Escort Service Kamathipura : 9352852248 Make on-demand Arrangemen...
 
Business Principles, Tools, and Techniques in Participating in Various Types...
Business Principles, Tools, and Techniques  in Participating in Various Types...Business Principles, Tools, and Techniques  in Participating in Various Types...
Business Principles, Tools, and Techniques in Participating in Various Types...
 
20240419-SMC-submission-Annual-Superannuation-Performance-Test-–-design-optio...
20240419-SMC-submission-Annual-Superannuation-Performance-Test-–-design-optio...20240419-SMC-submission-Annual-Superannuation-Performance-Test-–-design-optio...
20240419-SMC-submission-Annual-Superannuation-Performance-Test-–-design-optio...
 

Business Email Compromise Scam

  • 1. Business Email Compromise – Why it’s So Effective, and How to Prevent It
    ©2016 Guardian Analytics, Inc. Confidential & Proprietary
  • 2. Guardian Analytics BEC Education Campaign
    • Best Practices Kit
    • Unbranded materials you can use to educate your clients
    • Materials for you and your teams
    • Detection
    • Conversations with clients
    • Example of scams
    • Fraud Update on BEC
    Guardian Analytics Best Practices Kit: www.GuardianAnalytics.com/BEC-FI
    We’re providing materials for FIs to use internally and for them to use to educate business clients.
  • 3. FBI Warning: Business Email Compromise
    Latest BEC impact
    • Over 12,000 businesses victimized
    • $1.2B in losses
    • Increase of 270% from January 2015 to August 2015
    • Institutions experiencing their clients victimized with increasing frequency – many seeing clients hit daily!
  • 4. Different Forms of BEC
    1. Business Email Spoof
    2. Business Email Hack
    3. Business Email Hack / Vendor Email, Invoice Spoof
    Diagram labels: Focus on CxO; @Redllaw; @Redlaw; @Redlaw; Vendor; @vendorr
    Criminal determines attack pattern based on whose email they have (CxO vs Controller/Procurement).
    A fraudster’s preferred attack scheme depends on which email account he’s able to compromise.
  • 5. 1. CxO Masquerading – Domain Spoofing
    Diagram labels: 1. Business Email Spoof; @Redllaw; Finance Staff
    • Create new lookalike domain (Redllaw vs. Redlaw)
    • Research Target Business and Person(s): who to target and impersonate, best message
      • General information
      • Personal information
      • Customers/partners
      • Company news
      • Funding
      • Products/patents
      • Travel plans
    Fraudsters use publicly available information to learn about the company and who they will impersonate to make the emails very believable.
  • 6. 2. Business Email Hack – CEO Masquerading
    Diagram labels: 2. Business Email Hack; @Redlaw; Finance Staff
    • Email Takeover: Phishing, Social Engineering, Breaches, Malware
    • Monitor CEO email
      • Relationships
      • Common phrases
      • Business activities
      • Typical transactions
      • Calendar/travel
    • Hide email traffic using rules
      • Move
      • Delete
      • Auto-forward
    Fraudster studies CEO’s prior emails to make the fake email consistent with style, tone, and wording.
  • 7. Criminal “Payload” is Changing
    • Finance Staff – Wire Payment – Wire Fraud
    • Finance / HR Staff – Employee/W2 info
      • Identity theft
      • Tax fraud
      • New account fraud
    Criminals are expanding on the success of BEC to date, now asking for complete W2 files.
  • 8. 3. Supplier Masquerading – Hacked Internal Email
    Diagram labels: 3. Business Email Hack / Vendor Email Spoof; @Redlaw; @vendorr; Vendor
    • Email Takeover: Phishing, Social Engineering, Breaches, Malware
    • Monitor victim email
      • Vendors
      • Vendor email traffic
      • Relevant “jump in” point
      • Invoices
    • Hide email traffic using rules
      • Move
      • Delete
      • Auto-forward
    • Spoofed Invoice
      • New supplier lookalike domain
      • Use CC to fake conversations about the invoice
    Fraudsters study vendor emails & invoices to make attack as consistent as possible with prior invoices.
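Added example (not part of the Guardian Analytics deck): a check for the lookalike sender domains shown on slides 5 and 8 (Redllaw vs. Redlaw, @vendorr), run over constructed From headers. The trusted-domain list, the .example/.test names and the distance limits are assumptions made for illustration.

```python
"""Flag From-header domains that imitate a trusted domain (constructed example)."""
from email.utils import parseaddr

# Assumption: domains the organisation treats as its own or as known vendors.
# The names follow the slides' placeholders; .example marks them as constructed.
TRUSTED = ("redlaw.example", "vendor.example")


def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)  # swapped neighbours
        prev2, prev = prev, cur
    return prev[len(b)]


def sender_domain(from_header):
    """Return the lower-cased domain of the address in a From header, or ''."""
    _, addr = parseaddr(from_header)
    return addr.rpartition("@")[2].lower().rstrip(".") if "@" in addr else ""


def classify(from_header, trusted=TRUSTED):
    """Return (verdict, trusted_domain) for one From header.

    verdict is 'trusted', 'lookalike', 'unrelated' or 'unparseable'.
    """
    domain = sender_domain(from_header)
    if not domain:
        return ("unparseable", None)
    for t in trusted:
        # Exact match or a subdomain of a trusted domain.
        if domain == t or domain.endswith("." + t):
            return ("trusted", t)
    for t in trusted:
        brand = t.split(".")[0]            # e.g. "redlaw"
        limit = 1 if len(brand) <= 6 else 2  # short names tolerate fewer edits
        for label in domain.split("."):
            # Distance 0 here means the trusted name reused under a
            # different parent domain, which is also an imitation.
            if osa_distance(label, brand) <= limit:
                return ("lookalike", t)
    return ("unrelated", None)


# Constructed sample headers.
SAMPLE_HEADERS = [
    "CEO <ceo@redlaw.example>",
    "CEO <ceo@redllaw.example>",
    "Vendor Billing <billing@vendorr.example>",
    "Vendor Billing <billing@mail.vendor.example>",
    "CEO <ceo@redlaw.test>",
    "Weekly News <news@newsletter.example>",
]


def triage(headers=SAMPLE_HEADERS):
    """Classify every header and return (header, verdict, trusted_domain) rows."""
    return [(h,) + classify(h) for h in headers]


if __name__ == "__main__":
    for header, verdict, match in triage():
        print(f"{verdict:10} {match or '-':16} {header}")
```

A production check would split domains with the Public Suffix List and would also compare against domains seen in prior correspondence with each vendor.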
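Added example (not part of the Guardian Analytics deck): an audit of mailbox rules for the Move / Delete / Auto-forward hiding described on slides 6 and 8. The rule record layout, folder list, keyword list and all addresses are hypothetical; a real mail platform's rule export would have to be mapped onto these fields.

```python
"""Audit mailbox rules for the hiding actions used after an email takeover."""
import re

# Assumptions for this constructed example.
ORG_DOMAINS = {"redlaw.example"}                      # the organisation's own mail domains
WATCHED_DOMAINS = ORG_DOMAINS | {"vendor.example"}    # plus known vendors
RARELY_READ = {"rss feeds", "conversation history", "junk email",
               "deleted items", "archive"}            # folders users seldom open
PAYMENT_TERMS = re.compile(
    r"\b(invoice|wire|payment|ach|bank|remittance)\b", re.I)


def domain_of(value):
    """Domain part of an address, or the value itself if it has no '@'."""
    return value.rpartition("@")[2].lower()


def audit_rule(rule):
    """Return a list of findings for one rule record (hypothetical schema)."""
    findings = []

    # Auto-forward: copies of mail leaving the organisation.
    external = [a for a in rule.get("forward_to", [])
                if domain_of(a) not in ORG_DOMAINS]
    if external:
        findings.append("auto-forward outside the organisation: "
                        + ", ".join(external))

    # Move / Delete: mail the mailbox owner will never see.
    folder = (rule.get("move_to") or "").lower()
    hides = bool(rule.get("delete")) or folder in RARELY_READ
    keywords = rule.get("subject_or_body_contains", [])
    senders = rule.get("from_contains", [])
    if hides:
        watched = [s for s in senders if domain_of(s) in WATCHED_DOMAINS]
        if any(PAYMENT_TERMS.search(k) for k in keywords):
            findings.append("hides payment-related mail")
        elif watched:
            findings.append("hides mail from colleagues or vendors: "
                            + ", ".join(watched))
        elif not keywords and not senders:
            findings.append("hides all incoming mail")
    return findings


def audit(rules):
    """Return {rule id: findings} for every rule with at least one finding."""
    flagged = {}
    for rule in rules:
        findings = audit_rule(rule)
        if findings:
            flagged[rule["id"]] = findings
    return flagged


# Constructed sample rules: three suspicious, three ordinary.
SAMPLE_RULES = [
    {"id": "r1", "mailbox": "ceo@redlaw.example",
     "from_contains": ["dave@redlaw.example"], "move_to": "RSS Feeds"},
    {"id": "r2", "mailbox": "ap@redlaw.example",
     "subject_or_body_contains": ["invoice", "wire"],
     "forward_to": ["inbox@collector.test"]},
    {"id": "r3", "mailbox": "ap@redlaw.example",
     "subject_or_body_contains": ["payment"], "delete": True},
    {"id": "r4", "mailbox": "ap@redlaw.example",
     "from_contains": ["news@newsletter.example"], "move_to": "Newsletters"},
    {"id": "r5", "mailbox": "ceo@redlaw.example",
     "forward_to": ["assistant@redlaw.example"]},
    {"id": "r6", "mailbox": "ap@redlaw.example",
     "from_contains": ["news@newsletter.example"], "move_to": "Archive"},
]

if __name__ == "__main__":
    for rule_id, findings in audit(SAMPLE_RULES).items():
        for finding in findings:
            print(rule_id, "-", finding)
```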
  • 9. Criminals Use Simple and Complex Schemes

    Email
    From: CEO
    Subject: Need your help – pls keep it quiet
    To: Dave, Controller
    Message:
    Dave,
    Can you please wire $56,000 to this company. I’m in a meeting right now, but you don’t need any further approvals.
    If you have questions, please reply to this email. Your prompt attention to this is critical.
    Thanks,
    CEO

    Email
    From: Vendor
    Subject: Invoice – New Process
    To: Finance, Accounts Payable
    Message:
    Please find attached our latest invoice for the past billing period.
    Also note that we are implementing a new payment process. Instead of how you have previously made payments, please wire the funds directly to our account. Here are the wire instructions:
    Routing number: xxxxxxxxxx
    Account number: xxxxxxxxxx

    Email
    From: CEO
    Subject: Confidential – Attorney will call
    To: Dave, Controller
    Message:
    Dear Dave,
    I would like to bring you in on something very important, but highly confidential. I would appreciate your timely support as well as your discretion, as we are not ready to tell the whole company about this – we are in the process of acquiring a company overseas. This is very strategic to our business.
    I’ll be connecting you with a lawyer in London who is brokering this transaction for us. He will provide payment instructions for you.
    I’m handing this project to you because I know I can trust you. I’ll check in with you periodically.
    Thanks,
    CEO

    Simple Request
    • Relies on urgency and unavailability
    Complex Story
    • Relies on secrecy, sense of importance
    • Can result in multiple payments

    Schemes are tuned to increase credibility and decrease likelihood of victim catching on.
  • 10. Spoofed Vendor Payments Seen in ACH

    Email
    From: Vendor
    Subject: Invoice – New Process
    To: Finance, Accounts Payable
    Message:
    Please find attached our latest invoice for the past billing period.
    Also note that we are implementing a new payment process. Instead of how you have previously made payments, please wire the funds directly to our account. Here are the wire instructions:
    Routing number: xxxxxxxxxx
    Account number: xxxxxxxxxx

    Traditional: Wire
    New: ACH
    We’re seeing further adaptation of the scheme to be consistent with prior vendor invoices.
  • 11. Same Day ACH – Good Target For Criminals
    • Prey on urgency/immediacy
    • Hard to detect amidst larger ACH volumes
    • Same Day ACH likely to replace some wire volume
    [Diagram: ODFI ACH files; morning Same Day submission, afternoon Same Day submission, standard submission; Same Day settlement]
    Fraudsters will likely increase the use of ACH to take advantage of the speed of Same Day settlement.
  • 12. BEC Victim Trends
    • Variety of business types under attack
      • Title companies
      • Consulting firms
      • IT providers
      • Legal services
      • Transportation
      • Food service
      • Banks!
      • Tend to have higher transactional volumes
    • Businesses victimized multiple times
      • Multiple payments as part of one scheme
      • “Vendor” asking for multiple invoices
      • Multiple “vendors” (one business hit 7 times)
    We’ve seen a broad range of businesses being victimized, and repeat attacks when they’re successful.
  • 13. BEC Transaction Trends
    • Amounts
      • Consistent with normal company amounts
      • Largest - $5MM
      • Average - $250K
      • Escalating amounts
        • Case 1: $3K, $19K, $30K, $50K
        • Case 2: $8K to $80K
    • Beneficiary FI and location
      • Mix of international and domestic
      • US - small CUs to largest banks
      • International – mostly Asia or Eastern Europe
    • Beneficiary
      • Individual - 1/3
      • Businesses - 2/3
        • Trading and export
        • Products
        • Logistics
        • Services
        • Catering
    Criminals do their homework and keep amounts consistent with prior payments.
  • 14. Global Distribution of Wire Destinations
    Country: % of incidents (attempted wires – volume of tx)
    US: 51.72%
    China: 12.64%
    Hungary: 8.05%
    Malaysia: 5.75%
    Thailand: 4.60%
    Hong Kong: 3.45%
    Nigeria: 3.45%
    Bulgaria: 1.15%
    UK: 1.15%
    UAE: 1.15%
    Seychelles: 1.15%
    Ukraine: 1.15%
    Taiwan: 1.15%
    United Kingdom: 1.15%
    AU: 1.15%
    Poland: 1.15%
    The wide distribution of beneficiaries makes it difficult to detect fraudulent wires by monitoring for payments to specific destinations.
  • 15. Domestic Distribution of Wire Destinations
    State: % of incidents (attempted wires – volume of tx)
    FL: 18.75%
    NY: 9.38%
    IN: 9.38%
    CA: 9.38%
    TX: 9.38%
    NC: 6.25%
    AZ: 6.25%
    GA: 6.25%
    MI: 6.25%
    SC: 3.13%
    WI: 3.13%
    MS: 3.13%
    ID: 3.13%
    CT: 3.13%
    OH: 3.13%
    Similarly for domestic wires, they’re widespread, risking high false positives for rules-based systems.
  • 16. Impact of BEC Fraud On Financial Institutions
    • Increased alerts to try to detect
    • Increased callbacks
    • Increased volume & cost of recovery
    • Degradation in trust/experience
    • Reputation risk
    • Cost of Education
    • Increase in bank cost
    • Poor customer experience
    • Better fraud prevention can reduce negative impact
    Even though FIs are not liable for losses, they are hit with increased costs and damaged reputation.
  • 17. Why Detecting BEC is Hard
    [Flow diagram: spoofed CEO email or spoofed supplier email; legitimate user (CFO or controller); online, fax or branch; criminal beneficiary or mule]
    • Criminals do their homework on their targets and prey on urgency, sense of duty and importance
    • Legitimate user logs into online banking or requests the wire (legacy ATO detection methods don’t work)
    • BEC amounts within typical range of client wires
    • New beneficiaries common (40% of wires to new beneficiaries)
    • BEC beneficiary FIs vary (domestic, international, banks, credit unions)
    Fraudulent wires from BEC are hard to detect because requestors, process and amounts are consistent with prior wires.
  • 18. Typical Fraud Detection Not Working
    [Quadrant chart: Detection Rates (Low to High) against Alert Volumes (Low to High); quadrant labels: Trust too little, Know when to trust, Know when NOT to trust, Trust too much]
    • Rule: Over $100K AND international AND new recipient
    • Rule: Over $100K OR international OR new recipient
    FIs are having to trade off volume of false positives with friction and success rates at detecting fraudulent payments. Guardian Analytics delivers high detection with low false positives.
  • 19. Knowing When To Trust, When to Raise Risk
    Learn each individual originator behavior over time to determine risk
    • Learn new recipient ratio, typical beneficiary patterns (i.e. keeps false positives for title companies down)
    • Look to see if we can raise or lower trust of a beneficiary
      • If multiple wires to same “bene” spread out, can raise trust
      • If many in rapid succession, less trustworthy
    • Use what we’ve learned from other fraud
      • Mule: match in mule database?
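The trade-off between the two rule combinations on slide 18, next to the per-originator learning described on slide 19, as an added example (not Guardian Analytics' code or model). The wires, the originator and beneficiary names, and the `rare_new` and `amount_factor` thresholds are constructed assumptions.

```python
from dataclasses import dataclass
from statistics import median

@dataclass(frozen=True)
class Wire:
    originator: str
    beneficiary: str
    amount: float
    international: bool
    fraud: bool = False  # ground-truth label, known only because the data is constructed

def build_profiles(history):
    """Per originator: known beneficiaries, new-recipient ratio, median amount."""
    profiles = {}
    for orig in {w.originator for w in history}:
        wires = [w for w in history if w.originator == orig]
        known = {w.beneficiary for w in wires}
        profiles[orig] = {"known": known, "median": median(w.amount for w in wires),
                          "new_ratio": len(known) / len(wires)}  # share of wires to a first-time payee
    return profiles

def rule_and(w, p):  # slide 18: over $100K AND international AND new recipient
    return w.amount > 100_000 and w.international and w.beneficiary not in p["known"]

def rule_or(w, p):   # slide 18: over $100K OR international OR new recipient
    return w.amount > 100_000 or w.international or w.beneficiary not in p["known"]

def behavioral(w, p, rare_new=0.25, amount_factor=3):
    """Flag deviations from the originator's own history (thresholds are assumptions)."""
    unexpected_new = w.beneficiary not in p["known"] and p["new_ratio"] <= rare_new
    return unexpected_new or w.amount > amount_factor * p["median"]

def evaluate(wires, profiles):
    """Return {detector: (alerts raised, fraudulent wires among them)}."""
    result = {}
    for name, detect in (("and", rule_and), ("or", rule_or), ("behavioral", behavioral)):
        hits = [w for w in wires if detect(w, profiles[w.originator])]
        result[name] = (len(hits), sum(w.fraud for w in hits))
    return result

# Constructed history: a title company paying a new party on every wire, an IT firm paying two vendors.
HISTORY = [Wire("title_co", f"buyer{i}", 200_000 + 10_000 * i, False) for i in range(10)]
HISTORY += [Wire("it_services", f"vendor{i % 2}", 3_000 + 100 * i, i % 2 == 1) for i in range(10)]
# Constructed wires to score; only the last one is fraudulent.
TODAY = [
    Wire("title_co", "buyer_new1", 250_000, False),
    Wire("title_co", "buyer_new2", 180_000, False),
    Wire("it_services", "vendor0", 3_200, False),
    Wire("it_services", "vendor1", 4_000, True),
    Wire("it_services", "individual_x", 39_000, False, fraud=True),
]

print(evaluate(TODAY, build_profiles(HISTORY)))
```

On this data the AND rule raises no alerts and misses the fraudulent wire, the OR rule catches it among four alerts, and the per-originator baseline raises one alert because a new payee is routine for the title company but rare for the IT firm.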
  • 20. 100+ Wire Attributes Analyzed
    AddendaAddendaLength, DisplayFields, IntermediateFIName, PaymentNotificationIndicator, AddendaInformation, DrawdownCreditAccount, IntermediateFIStateProvince, ReceiverFIName, Amount, DrawdownDebitAccount, OBI, ReceiverFIAddress1, AmountCurrencyCode, DrawdownDebitAccountAdviceInfoAdditionalInfo, OMADOutputCycleDate, ReceiverFIAddress2, BBI, DrawdownDebitAccountAdviceInfoAdviceCode, OMADOutputDate, ReceiverFIAddress3, BeneAddress1, ExchangeRate, OMADOutputDestinationID, ReceiverFICountryCode, BeneAddress2, IMADInputCycleDate, OMADOutputSequenceNumber, ReceiverFIIDCode, BeneAddress3, IMADInputSequenceNumber, OMADOutputTime, ReceiverFIID, BeneCountryCode, IMADInputSource, OrigAddress1, ReceiverFIName, BeneFIAddress1, ImmutableCompanyID, OrigAddress2, ReceiverFIStateProvince, BeneFIAddress2, ImmutableUserID, OrigAddress3, Recurrence, BeneFIAddress3, InstructedAmount, OrigCountryCode, RepeatRequest, BeneficiaryAdviceInfoAdditionalInfo, InstructedCurrencyCode, OrigFIAddress1, RequestID, BeneficiaryAdviceInfoAdviceCode, InstructingFIAddress1, OrigFIAddress2, SenderFI, BeneficiaryFIAdviceInfoAdditionalInfo, InstructingFIAddress2, OrigFIAddress3, SenderFIAddress1, BeneficiaryFIAdviceInfoAdviceCode, InstructingFIAddress3, OrigFICountryCode, SenderFIAddress2, BeneFICountryCode, InstructingFICountryCode, OrigFIID, SenderFIAddress3, BeneFIID, InstructingFIID, OrigFIIDCode, SenderFICountryCode, BeneFIIDCode, InstructingFIIDCode, OrigFIName, SenderFIIDCode, BeneFIName, InstructingFIName, OrigFIStateProvince, SenderFIID, BeneFIStateProvince, InstructingFIStateProvince, OrigIDCode, SenderFIName, BeneIDCode, IntermediateFIAddress1, OrigName, SenderFIStateProvince, BeneIdentifier, IntermediateFIAddress2, OrigStateProvince, SenderReference, BeneName, IntermediateFIAddress3, PaymentNotificationContactFaxNumber, SettlementMethod, BeneReference, IntermediateFIAdviceInfoAdditionalInfo, PaymentNotificationContactMobileNumber, Source, BeneStateProvince, IntermediateFIAdviceInfoAdviceCode, PaymentNotificationContactName, Status, BusinessFunctionCode, IntermediateFICountryCode, PaymentNotificationContactNotificationElectronicAddress, Type_Subtype, DestinationType, IntermediateFIID, PaymentNotificationContactPhoneNumber, SubType, Direction, IntermediateFIIDCode, PaymentNotificationEndToEndIdentification, TemplateName, DisplayFields, TransferDate, DrawdownCreditAccount, Type, DrawdownDebitAccount, WireID
    We analyze 100+ aspects of client behavior. Risk is scored based on combinations of activities.
  • 21. Guardian Analytics Wire Finds Unusual Wires
    Wire Behavioral Analytics (100+ attributes from wire system)
    • Originator Model
      • Would beneficiary be expected? (new beneficiary ratio, beneficiary and FI location/region)
      • Are the originator’s wire actions normal? (timing, velocity, type, accounts, direction, use of instructions, content of instructions)
      • Are the wires typical? (type, amount)
    • Beneficiary Model
      • Is this a high or low risk beneficiary? (beneficiary history with other originators, name/account number match, suspected mule)
    • Cross-institution risk data (Network effect)
    • Self learning
      • No rules to write
      • Not threat specific
      • Adapts to new threat
      • Automatic updates to analytics
    Our solution answers behavioral questions that indicate what is normal vs. suspicious behavior.
  • 22. Real-time Risk Scoring and Intervention
    [Flow diagram: Initiate Wire (Mobile, Branch, Contact Center, Online, File upload); Wire System; Guardian Analytics Wire; Review Alerts; Release/cancel; Send to Fed. Risk scores shown: 9.2, 2.2. Actions shown: Hold, Release.]
    • Wire comes in; payment fields immediately sent to Guardian Analytics for analysis
    • Analyze 30+ fields and nearly 75 attributes from PAYPlus
    • Risk score and hold/release instructions returned immediately to wire system
    Every wire is risk scored. Automatic release of low-risk wires allows analysts to focus their time on investigating the small number of high-risk payments.
  • 23. Guardian Analytics Wire Successfully Detects BEC
    Table columns: Attack 1, Attack 2, Attack 3, Attack 4, Attack 5. Row values in slide order:
    Beneficiary FI: AZ-based CU; Large national bank; Large national bank; Large International bank; Chinese bank
    Beneficiary Location: AZ (previously sent wires to many states, and other countries); NY (previously sent wires to TX, WI); Hong Kong (had done US and UK wires in the past); China (history of US wires only)
    Beneficiary: Individual; Individual; Individual; Business; Business
    Originator Velocity: First wire in four months
    OBI Frequency: Infrequent or new or use of OBI
    Originator Amount: $39K; $20K (most wires 0-$1000); $73K; $125K; $2,871,000 $4,950,000 $4,850,000 $4,969,000
    Originator Description: Frequent wire sender – IT Services Company; Frequent wire sender – Title Company; Sporadic wire sender – Legal Services; Frequent wire sender – Transportation Services; Frequent wire sender – Title Company
    • No one bank pattern – US/international, large/small, bank/CU
    • No one location pattern
    • Combination of business and individual
    • Mixed use of instructions
    • Amount often within range of typical behavior
    • Could be single or multiple hits
    Attacks have a wide range of variation, making BEC attacks difficult to detect with rules.
  • 24. Accurate Detection, Low Alert Volume
    [Screenshot callouts]
    • The combination of specific attributes of this wire was unusual and untrusted, and yielded a red alert
    • Guardian Analytics provides complete and consolidated view of account history
  • 25. Accurate Detection, Low Alert Volume
    [Screenshot callouts]
    • The combination of specific attributes of this wire was unusual and untrusted, and yielded a red alert
    • Note that behavioral deviations are expected and do not yield red alerts (top row)
    • Note the variation in wire amount did not trigger a false-positive as FraudMAP recognized combined behavior as normal
  • 26. You’ve Detected It – Now On To the Client…
    • Be prepared with details, be prepared to spend time with the business
    • Start like normal verification call; get customer talking
    • Help them to see why you’re suspicious
      • Explain the scams
      • Probe into the situation – ask if they received the request via email, ask for key words
      • Push for non-email based confirmation
    • Remind them you’re there to help
    • Redirect the emotion – focus on the pain of the business losing money
    Be prepared for what can be a difficult call with a victimized client.
  • 27. Impact of BEC Fraud On Financial Institutions
    • Cost of Education
    • Reduced alerts
    • Reduced callbacks
    • Increased detection, less recovery
    • Increase in trust, enhanced experience
    • Decrease in costs
    • Increase in trust
    By improving their ability to detect BEC attacks, FIs will reduce costs and increase trust.
  • 28. Guardian Analytics Successes with BEC
    Bank with ~4,000 wires per day
    • Fraud prevented: $19M in two months
    • Efficiency gains: Reduced reviews to only wires flagged by Guardian Analytics, all else automatically processed (50-100 wires/day)
    • Client experience: Reduced callbacks. Reduction in alerts freed time for deeper client discussion of likely BEC attacks
    Bank with ~1,500 wires per day
    • Fraud prevented: $500K in six months
    • Efficiency gains: Previously held all online wires (250/day). Guardian Analytics scores all 1500 wires/day, but holds only 75 from any channel, reducing bank effort by 70%
    • Client experience: Faster processing. Fewer callbacks (1-5/day)
  • 29. Guardian Analytics Wire Benefits
    • Accurate detection with low alert rates
    • Reduction in false positives reduces overall workload and creates time for banks to spend with customers
    • Better client experience
    • Reduction of time spent on paperwork and funds retrieval
    • Reduced risk of lawsuits, reputation issues
    • Build deep client satisfaction and loyalty
  • 30. Solutions to Detect Fraud Across Channels and Transactions
    [Diagram labels: Guardian Risk Engine, Guardian Solutions, Guardian Enterprise API, Guardian Visual Analytics]
    We offer behavior-based solutions across channels and payment types, plus an API to incorporate proprietary data. The Risk Engine calculates risk scores that are presented through our visual analytics.
  • 31. For More Information
    • Email info@GuardianAnalytics.com
      • Request a one-on-one briefing
    • Visit www.GuardianAnalytics.com
      • Sign up for a demo
      • Sign up for our monthly Fraud Updates
    • Download BEC Best Practices
      • www.GuardianAnalytics.com/BEC-FI
    • Watch the recording of this webinar
      • http://info.guardiananalytics.com/BECWebinar-Mar2016-reg.html
  • 32. Business Email Compromise – Why it’s So Effective, and How to Prevent It
    Thank You!