1. InfoconDB
  2. Black Hat
  3. Black Hat USA 2014
  4. Lifecycle of a Phone Fraudster: Exposing Fraud Activity from Reconnaissance to Takeover Using Graph Analysis and Acoustical Anomalies

Lifecycle of a Phone Fraudster: Exposing Fraud Activity from Reconnaissance to Takeover Using Graph Analysis and Acoustical Anomalies

Presented at Black Hat USA 2014, Aug. 7, 2014, 3:30 p.m. (60 minutes)

Enterprises are vulnerable to "human hacking," the effective social engineering of employees, contractors, and other trusted persons. In particular, financial institutions have seen a significant increase in account takeover attacks over the phone by sophisticated fraudsters socially engineering call center agents. The customer information required is often obtained by gathering intelligence through reconnaissance, probing systems or humans. In this talk, we will show how to detect both the account takeover calls using acoustical anomalies and the reconnaissance calls leading to it through graph analysis. Using acoustical anomalies, we are able to detect over 80% of these calls with less than a 2% false positive rate. Furthermore, our graph analysis is able to see reconnaissance calls for 46% of these account takeovers 10 days before the actual takeover. These results are on a dataset of over hundreds of million calls. In the process, we will reveal the lifecycle of a phone fraudster as he works through both the call center agent and its technology to extract information about a customer and takeover his or her account.


Presenters:

  • Telvis Calhoun - Pindrop Security
    Telvis Calhoun is a software engineer at Pindrop Security with many years experience with commercial security companies. His expertise is building distributed server-side applications. While completing his MS, he was a member of the Communications Assurance and Performance Group at Georgia State University where he published research on wireless security. Telvis blogs about mining twitter.com using Twitter Storm, Hadoop, Elasticsearch, and whatever data analytics hotness catches his eye. His goal is to simply be challenged by his work, work with great people, and build great products.
  • Raj Bandyopadhyay - Pindrop Security
    Raj Bandyopadhyay is Principal Data Scientist at Pindrop Security. Raj is responsible for developing and implementing machine learning algorithms to detect fraud and other phone based attacks. Prior to joining Pindrop, Raj was Applied Researcher at Damballa, where he applied machine learning to botnet detection. Raj has also held software engineering positions at Dell SecureWorks and LogicBlox. Raj heads the Atlanta Chapter of Data Science for Social Good and is the Founder of Data Science ATL. Raj has a PhD and Masters in Computer Science from Rice University as well as a Graduate Certification in Mining Massive Data Sets, Computer Science from Stanford University.
  • Vijay Balasubramaniyan - Pindrop Security
    Vijay Balasubramaniyan is Co-Founder, CEO, and CTO of Pindrop Security. Vijay has held various engineering and research roles with Google, Siemens, IBM Research, and Intel. He holds patents in VoIP security and scalability and he frequently speaks on phone fraud threats at technical conferences, including CCS and ICDCS. Vijay was recently recognized by the MIT Technology Review's annual Innovators Under 35 list as an outstanding inventor. He earned a PhD in Computer Science from Georgia Institute of Technology. His PhD thesis was on telecommunications security.

Links:

Similar Presentations: