IIA / ISACA Joint Mee3ng

Similar documents
8765 CA_ScamBroc 10/10/11 10:45 AM Page 1

PATRIOT BANK CUSTOMERS. Corporate Account Takeover & Information Security Awareness

Corporate Account Takeover & Information Security Awareness

Learn to protect yourself from Identity Theft. First National Bank can help.

1. Any requesting personal information, or asking you to verify an account, is usually a scam... even if it looks authentic.

Retail/Consumer Client. Internet Banking Awareness and Education Program

Market Intelligence Cell. Fighting Financial Crime

Protection from Fraud and Identity Theft

Payment Systems Department

Avoid completing forms in messages that ask for personal financial information.

Information Security. Annual Education Information Security Mission Health System, Inc.

CONTACT. information. All consumer complaints must be made in writing. Please call or write for a complaint form. Write to:

Member Municipality Security Awareness Training. End- User Informa/on Security Awareness Training

& INTERNET FRAUD

Identity Theft Assistance Kit A self-help guide to protecting yourself and your identity

Protect Yourself. Who is asking? What information are they asking for? Why do they need it?

Advice about online security

Identity Theft Simple ways to keep your sensitive information safe.

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS

Fraud. Spot it.stop it. Keep Your Finances Safe

M&T BANK CANADIAN PRIVACY POLICY

S.A.F.E. Recognize a scam before you become a victim of fraud Division of Consumer Protection

Identity Theft Awareness: Don t Fall Victim to these Common Scams

Security Awareness. Top Security Issues. Office of Informa(on Technology Informa5on Security Department BE CYBER SAFE

Website Privacy Policy Statement York Rd Lutherville, MD We may be reached via at

OIG Fraud Alert Phishing

How to Identify Phishing s

NATIONAL CYBER SECURITY AWARENESS MONTH

Expanded Header: Viewing in Microsoft Outlook

Fraud. Your guide to protecting yourself from fraud

Protect yourself online

Sound Business Practices for Businesses to Mitigate Corporate Account Takeover

Attorney General Ellen Rosenblum Warns Oregon Nonprofits to Watch Out for Phony Donors

Financial Fraud Threats & Preven3on. Mark Frank EVP, Senior Opera3ons Officer Colorado Business Bank

PROTECT YOURSELF A CONSUMER PROTECTION PAMPHLET

Cybercrimes NATIONAL CRIME PREVENTION COUNCIL

Contents Security Centre

Social Media and Cyber Safety

Fraud Guide Fraud Protection

Intercepting your mail. They can complete change of address forms and receive mail that s intended for you.

Scams and Schemes LESSON PLAN UNIT 1. Essential Question What is identity theft, and how can you protect yourself from it?

Identity Theft. Protecting Yourself and Your Identity. Course objectives learn about:

Recognizing Spam. IT Computer Technical Support Newsletter

Protecting Yourself from Identity Theft

Paul Nguyen CSG Interna0onal

Criminal Investigation

Helping you to protect yourself against fraud and financial crime

Identity Theft Protection

Online Banking Customer Awareness and Education Program

location of optional horizontal pic Corporate and Investment Banking Business Online Information Security

PROTECT YOURSELF AND YOUR IDENTITY CHASE IDENTITY THEFT TOOL KIT

Customer Awareness for Security and Fraud Prevention

Website Privacy Policy Statement

Avoiding Malware in Your Dental Practice. 10 Best Practices to Defend Your Data

Malware & Botnets. Botnets

Guide to credit card security

suntrust.com 800.SUNTRUST

Online Security Tips

Online Fraud and Identity Theft Guide. A Guide to Protecting Your Identity and Accounts

Tips for Banking Online Safely

How To Get A Free Credit Report From A Credit Report Website

Many of these tips are just common sense and others are tips to keep in mind when doing a transaction, at ATMs, restaurants and merchants.

OFFICE OF KANSAS ATTORNEY GENERAL DEREK SCHMIDT

To p t i p s f o r s a f e o n l i n e b a n k i n g a n d s h o p p i n g

Your security is our priority

Business Internet Banking / Cash Management Fraud Prevention Best Practices

Low-Income Taxpayer Clinic (LITC) Choosing a Tax Return Preparer

Advance Fee Loans. Computer Malware Scams. Credit Repair Scams

Avoiding Malware in Your Dental Practice. 10 Best Practices to Defend Your Data

SelfScore Cardholder Agreement for Cards issued by Celtic Bank

When Fraud Comes Knocking

Take our Fraud Quiz and see what you know about frauds and scams in Canada. Test yourself on

Protecting your business from fraud

HIPAA Privacy Policy (Revised Feb. 4, 2015)

PROTECTING YOURSELF FROM IDENTITY THEFT. The Office of the Attorney General of Maryland Identity Theft Unit

Truth in Caller ID Act of 2009 and Cell Phone Pinging

McAfee S DO s AnD DOn ts Of Online Shopping

DON T BE FOOLED BY SPAM FREE GUIDE. Provided by: Don t Be Fooled by Spam FREE GUIDE. December 2014 Oliver James Enterprise

Armstrong State University Fall Staff Assembly. Chief Wayne Willcox, MSCJ, CLEE

Red Flags in International Payments and Trade. Presented by Paul Warfield and Despina Margiori

Encrypted Opening and Replying to a Secure Message

How to Protect Yourself From Identity Theft and Internet Scams

Money, fees and payment

FTC Data Security Standard

How to protect your identity. Identity fraud explained

Fraud and Identity Theft. Megan Stearns, Credit Counselor

Protect Your Personal Information

Protect Your Identity

DEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, D.C

Protect Yourself From Scams

Management and Storage of Sensitive Information UH Information Security Team (InfoSec)

How to Avoid Fundraising Scams

Protect Yourself From Identity Theft

BUT. Before you start shopping on the Internet, there are a number of questions you need to ask yourself.

Business ebanking Fraud Prevention Best Practices

How to stay safe online

and Identity Theft A Program sponsored by the New Jersey Bankruptcy Law Foundation Financial Literacy Project

Compu4ng Privacy Requirements

Internet Quick Start Guide. Get the most out of your Midco internet service with these handy instructions.

Online Banking. Customer Information

Transcription:

1

2

3

4

5

6

Current slide: Something you did, or something you failed to do, that is deemed injurious (i.e., causes harm) to the public welfare or morals (prevailing amtudes of society) or to the interests of the state (i.e., the government that codifies the crime) AND that is legally prohibited. This is an essen3al element if it is not legally prohibited then it is not a crime. Lead- in to next slide: The primary type of crime associated with computers is fraud. 7

Current slide: In par3cular we will be discussing crimes involving fraudulent behavior owen perpetrated using false personas or falsely using real personas. So, could the government have defined crimes involving electronic communica3on 100 years ago? Yes with telegraphs and telephones. Lead- in to next slide: What are the chances that you inadvertently commi[ed a crime today? 8

9

10

11

12

13

14

15

Cloud storage providers are available world- wide at dirt cheap prices many with the first few gigabytes free. 1. Amazon Cloud Drive 5GB 2. DropBox 2GB 3. SugarSync 5GB 4. MegaCloud 8GB 5. Google Drive 5GB 6. MicrosoW SkyDrive 7GB 7. JustCloud Unlimited 8. Box 5GB Note: More and more jurisdic3ons are agreeing to report out financial asset transac3ons and holdings to other countries. Caymans Sign Up To Bri3sh FATCA (h[p://www.iexpats.com/caymans- sign- bri3sh- fatca/). FATCA refers to the US Foreign Account Tax Compliance Act, which comes into force in 2014. 16

17

18

17 USC 501 - Infringement of copyright (a) Anyone who violates any of the exclusive rights of the copyright owner as provided by sec3ons 106 through 122 or of the author as provided in sec3on 106A (a), or who imports copies or phonorecords into the United States in viola3on of sec3on 602, is an infringer of the copyright or right of the author, as the case may be. For purposes of this chapter (other than sec3on 506), any reference to copyright shall be deemed to include the rights conferred by sec3on 106A (a). As used in this subsec3on, the term anyone includes any State, any instrumentality of a State, and any officer or employee of a State or instrumentality of a State ac3ng in his or her official capacity. Any State, and any such instrumentality, officer, or employee, shall be subject to the provisions of this 3tle in the same manner and to the same extent as any nongovernmental en3ty. (h[p://www.law.cornell.edu/uscode/text/17/501) 19

h[p://www.fcc.gov/guides/caller- id- and- spoofing Truth in Caller ID Act of 2009 The Truth in Caller ID Act of 2009, which was signed into law Dec. 22, 2010, prohibits caller ID spoofing for the purposes of defrauding or otherwise causing harm. In June 2010, the Federal Communica3ons Commission adopted rules implemen3ng the Truth in Caller ID Act. FCC Rules Prohibit any person or en3ty from transmimng misleading or inaccurate caller ID informa3on with the intent to defraud, cause harm, or wrongfully obtain anything of value. Subject violators to a penalty of up to $10,000 for each viola3on of the rules. Exempt authorized ac3vi3es by law enforcement agencies and situa3ons where courts have authorized caller ID manipula3on to occur. 20

21

22

Associa3on of Cer3fied Fraud Examiners (ACFE) Issues the Cer3fied Fraud Examiner (CFE) cer3fica3on The Top 5 Frauds of 2013 - h[p://www.acfeinsights.com/acfe- insights/2013/12/23/ the- top- 5- frauds- of- 2013.html ACFE Case Studies - h[p://www.acfe.com/case- studies.aspx 23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

Not just the US but foreign governments are shiwing their focus and resources to cybercrime. 44

45

Target breach: 40 million credit and debit cards were stolen even though stolen PIN codes were encrypted note that you can crack more than 10 percent of random PINs by dialing in 1234. Expanding a bit, 1234, 0000, and 1111, make up about 20 percent. See h[p://www.popsci.com/technology/ar3cle/2012-09/infographic- day- fastest- way- crack- 4- digit- pin- number Affordable Care Act (Obamacare) fraud: Some Obamacare navigators taxpayer- funded workers who were meant to help Americans wade through the insurance exchanges and buy health insurance have been giving Americans misinforma3on and in some instances encouraging Americans to commit fraud, according to a House Oversight and Government Reform Commi[ee that was released today. See h[p://blog.heritage.org/2013/12/16/obamacare- navigators- encourage- fraud- safe- private- informa3on- report- warns/ 46

47

48

Tips for avoiding Auc3on fraud: 1. Before you bid, contact the seller with any ques3ons you have. 2. Review the seller's feedback. 3. Be cau3ous when dealing with individuals outside of your own country. 4. Ensure you understand refund, return, and warranty policies. 5. Determine the shipping charges before you buy. 6. Be wary if the seller only accepts wire transfers or cash. 7. If an escrow service is used, ensure it is legi3mate. 8. Consider insuring your item. 9. Be cau3ous of unsolicited offers. 49

50

Wire transfer never- evers! h[p://www.westernunion.com/sites/us/consumer- protec3on/knowledgecenter.page Lower your chances of falling vic3m to fraud by checking out these eight things you should never do when using a money transfer service. 1. Never send money to people you haven't met in- person. 2. Never send money to pay for taxes or fees on lo[ery or prize winnings. 3. Never use a test ques3on as an addi3onal security measure to protect your transac3on. 4. Never provide your banking informa3on to people or businesses you don t know. 5. Never send money in advance to obtain a loan or credit card. 6. Never send money for an emergency situa3on without verifying that it s a real emergency. 7. Never send funds from a check in your account un3l it officially clears which can take weeks. 8. Never send a money transfer for online purchases. 51

52

Tips for avoiding Counterfeit Cashier's Check fraud: 1. Inspect the cashier's check. 2. Ensure the amount of the check matches in figures and words. 3. Check to see that the account number is not shiny in appearance. 4. Be watchful that the drawer's signature is not traced. 5. Official checks are generally perforated on at least one side. 6. Inspect the check for addi3ons, dele3ons, or other altera3ons. 7. Contact the financial ins3tu3on on which the check was drawn to ensure legi3macy. 8. Obtain the bank's telephone number from a reliable source, not from the check itself. 9. Be cau3ous when dealing with individuals outside of your own country. 53

Tips for avoiding Credit Card fraud: 1. Ensure a site is secure and reputable before providing your credit card number online. 2. Don't trust a site just because it claims to be secure. 3. If purchasing merchandise, ensure it is from a reputable source. 4. Promptly reconcile credit card statements to avoid unauthorized charges. 5. Do your research to ensure legi3macy of the individual or company. 6. Beware of providing credit card informa3on when requested through unsolicited emails. 54

Tips for avoiding Debt Elimina3on fraud: 1. Know who you are doing business with do your research. 2. Obtain the name, address, and telephone number of the individual or company. 3. Research the individual or company to ensure they are authen3c. 4. Contact the Be[er Business Bureau to determine the legi3macy of the company. 5. Be cau3ous when dealing with individuals outside of your own country. 6. Ensure you understand all terms and condi3ons of any agreement. 7. Be wary of businesses that operate from P.O. boxes or mail drops. 8. Ask for names of other customers of the individual or company and contact them. 9. If it sounds too good to be true, it probably is. 55

56

Tips for avoiding Parcel Courier fraud: 1. Beware of individuals using the DHL or UPS logo in any email communica3on. 2. Be suspicious when payment is requested by money transfer before the goods will be delivered. 3. Remember that DHL and UPS do not generally get involved in directly collec3ng payment from customers. 4. Fees associated with DHL or UPS transac3ons are only for shipping costs and never for other costs associated with online transac3ons. 5. Contact DHL or UPS to confirm the authen3city of email communica3ons received. 57

58

59

60

Tips for avoiding Employment/Business Opportuni3es fraud: 1. Be wary of inflated claims of product effec3veness. 2. Be cau3ous of exaggerated claims of possible earnings or profits. 3. Beware when money is required up front for instruc3ons or products. 4. Be leery when the job pos3ng claims "no experience necessary". 5. Do not give your social security number when first interac3ng with your prospec3ve employer. 6. Be cau3ous when dealing with individuals outside of your own country. 7. Be wary when replying to unsolicited emails for work- at- home employment. 8. Research the company to ensure they are authen3c. 9. Contact the Be[er Business Bureau to determine the legi3macy of the company. 61

62

Tips for avoiding Escrow Services fraud: 1. Always type in the website address yourself rather than clicking on a link provided. 2. A legi3mate website will be unique and will not duplicate the work of other companies. 3. Be cau3ous when a site requests payment to an "agent", instead of a corporate en3ty. 4. Be leery of escrow sites that only accept wire transfers or e- currency. 5. Be watchful of spelling errors, grammar problems, or inconsistent informa3on. 6. Beware of sites that have escrow fees that are unreasonably low. 63

64

In yesterday s (01/08/2014) Wall Street Journal an ar3cle quoted the IRS as saying Iden3fy TheW Grew Sharply Last Year. Tips for avoiding Iden3ty TheW: 1. Ensure websites are secure prior to submimng your credit card number. 2. Do your homework to ensure the business or website is legi3mate. 3. A[empt to obtain a physical address, rather than a P.O. box or mail drop. 4. Never throw away credit card or bank statements in usable form. 5. Be aware of missed bills which could indicate your account has been taken over. 6. Be cau3ous of scams requiring you to provide your personal informa3on. 7. Never give your credit card number over the phone unless you make the call. 8. Monitor your credit statements monthly for any fraudulent ac3vity. 9. Report unauthorized transac3ons to your bank or credit card company as soon as possible. 10. Review a copy of your credit report at least once a year. 65

Tips for avoiding Internet Extor3on: 1. Security needs to be mul3- layered so that numerous obstacles will be in the way of the intruder. 2. Ensure security is installed at every possible entry point. 3. Iden3fy all machines connected to the Internet and assess the defense that's engaged. 4. Iden3fy whether your servers are u3lizing any ports that have been known to represent insecuri3es. 5. Ensure you are u3lizing the most up- to- date patches for your sowware. 66

Tips for avoiding Internet Extor3on: 1. Security needs to be mul3- layered so that numerous obstacles will be in the way of the intruder. 2. Ensure security is installed at every possible entry point. 3. Iden3fy all machines connected to the Internet and assess the defense that's engaged. 4. Iden3fy whether your servers are u3lizing any ports that have been known to represent insecuri3es. 5. Ensure you are u3lizing the most up- to- date patches for your sowware. 67

Tips for avoiding Investment fraud: 1. If the "opportunity" appears too good to be true, it probably is. 2. Beware of promises to make fast profits. 3. Do not invest in anything unless you understand the deal. 4. Don't assume a company is legi3mate based on "appearance" of the website. 5. Be leery when responding to investment offers received through unsolicited email. 6. Be wary of investments that offer high returns at li[le or no risk. 7. Independently verify the terms of any investment that you intend to make. 8. Research the par3es involved and the nature of the investment. 9. Be cau3ous when dealing with individuals outside of your own country. 10. Contact the Be[er Business Bureau to determine the legi3macy of the company. 68

69

Tips for avoiding Lo[ery fraud: 1. If the lo[ery winnings appear too good to be true, they probably are. 2. Be cau3ous when dealing with individuals outside of your own country. 3. Be leery if you do not remember entering a lo[ery or contest. 4. Be cau3ous if you receive a telephone call sta3ng you are the winner in a lo[ery. 5. Beware of lo[eries that charge a fee prior to delivery of your prize. 6. Be wary of demands to send addi3onal money to be eligible for future winnings. 7. It is a viola3on of federal law to play a foreign lo[ery via mail or phone. 70

71

72

Tips for avoiding Nigerian Le[er or "419" fraud: 1. If the "opportunity" appears too good to be true, it probably is. 2. Do not reply to emails asking for personal banking informa3on. 3. Be wary of individuals represen3ng themselves as foreign government officials. 4. Be cau3ous when dealing with individuals outside of your own country. 5. Beware when asked to assist in placing large sums of money in overseas bank accounts. 6. Do not believe the promise of large sums of money for your coopera3on. 7. Guard your account informa3on carefully. 8. Be cau3ous when addi3onal fees are requested to further the transac3on. 73

74

75

76

77

78

79

80

Tips for avoiding Phishing/Spoofing fraud: 1. Be suspicious of any unsolicited email reques3ng personal informa3on. 2. Avoid filling out forms in email messages that ask for personal informa3on. 3. Always compare the link in the email to the link that you are actually directed to. 4. Log on to the official website, instead of "linking" to it from an unsolicited email. 5. Contact the actual business that supposedly sent the email to verify if the email is genuine. 81

82

83

84

Tips for avoiding Ponzi/Pyramid Scheme fraud: 1. If the "opportunity" appears too good to be true, it probably is. 2. Beware of promises to make fast profits. 3. Exercise diligence in selec3ng investments. 4. Be vigilant in researching with whom you choose to invest. 5. Make sure you fully understand the investment prior to inves3ng. 6. Be wary when you are required to bring in subsequent investors. 7. Independently verify the legi3macy of any investment. 8. Beware of references given by the promoter. 85

86

87

88

Tips for avoiding Reshipping fraud: 1. Be cau3ous if you are asked to ship packages to an "overseas home office." 2. Be cau3ous when dealing with individuals outside of your own country. 3. Be leery if the individual states that his country will not allow direct business shipments from the United States. 4. Be wary if the "ship to" address is yours but the name on the package is not. 5. Never provide your personal informa3on to strangers in a chat room. 6. Don't accept packages that you didn't order. 7. If you receive packages that you didn't order, either refuse them upon delivery or contact the company where the package is from. 89

Tips for avoiding Spam and Spam- related fraud: 1. Don't open spam. Delete it unread. 2. Never respond to spam as this will confirm to the sender that it is a "live" email address. 3. Have a primary and secondary email address - one for people you know and one for all other purposes. 4. Avoid giving out your email address unless you know how it will be used. 5. Never purchase anything adver3sed through an unsolicited email. 90

Tips for avoiding Third Party Receiver of Funds fraud: 1. Do not agree to accept and wire payments for auc3ons that you did not post. 2. Be leery if the individual states that his country makes receiving these type of funds difficult. 3. Be cau3ous when the job pos3ng claims "no experience necessary". 4. Be cau3ous when dealing with individuals outside of your own country. 91

92

How to Protect Yourself from Cyber Crime Wealth Daily's Weekend EdiEon h[p://www.wealthdaily.com/ar3cles/how- to- protect- yourself- from- cyber- crime/3280 1. Keep your firewall turned on. First, lock your doors. A firewall helps protect your computer from hackers who might try to gain access to crash it, delete informa3on, or even steal passwords or other sensi3ve informa3on. 2. Install or update your an3virus sowware. Second, roll up your windows. An3virus sowware is designed to prevent malicious sowware programs from embedding themselves on your computer. Most types of an3virus sowware can be set up to update automa3cally. 3. Install or update your an3spyware technology. Spyware is just what it sounds like: SoWware that lets other people spy on you. Some spyware collects informa3on about you without your consent; others produce unwanted pop- up ads on your web browser. Some opera3ng systems offer free spyware protec3on, and inexpensive sowware is readily available for download on the Internet or at your local computer store. 93

94

Legi3mate vendors almost always have security warnings and advice on how to use their site safely and securely. Take a few minutes to review their advice. 95

96

Remember: Only law enforcement personnel can authorita3vely state a crime has been commi[ed. 97

98

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information