Mobile banking fraud via SMS in North America: who's doing it and how

Presented at VB2015, Oct. 1, 2015, 2 p.m. (30 minutes).

Cybercriminals are using SMS scams to run several types of money-stealing mobile attacks on North American banks. This session will use real-world data obtained from various mobile carrier networks showing cybercriminal activity to provide a unique, valuable look into the methods used by cybercriminals.

We will use data from actual attacks to provide a detailed and in-depth view of the various techniques used by cybercriminals as well as the linguistic evolution of SMS bank scam attacks. We will analyse the changes in SMS messages in relation to the bank scams within months and days, as well as showing the techniques that the attackers are using to bypass and defeat defences in place.

The session will present statistical detail on various aspects of the attacks, including the average number of messages sent per attack per day. We will also look at one of the most important subjects, and the reason why these attacks are so successful: how scammers get hold of recipient / victim cell numbers. We will look at the relationship between the recipient numbers and the attacked financial institutions and at what correlations can be made. We will provide visualizations of attacks, showing how they grow and spread over time. We will graphically present the evolution of a single attack from the very beginning through its detection and containment. In addition, we will analyse the reasons for the high prevalence of mobile attacks in North America vs. attacks in Europe. Finally, this presentation will analyse the most important questions related to the modern state of SMS scam security mechanisms.


Presenters:

  • Cathal Mc Daid - Adaptive Mobile Security
    Cathal Mc Daid Cathal Mc Daid is Head of the Threat Intelligence Unit in Adaptivemobile. He is responsible for a team dedicated to analysing and uncovering new threats to mobile operators and subscribers, using advanced 'big data' techniques. He has 15 years' experience in telecoms, messaging and security. His work has featured on USA Today, BBC, Forbes, Bloomberg and the Register, amongst others. His academic background includes a B.Eng. in computer engineering from UL, Ireland and an Executive MBA from INSEAD, France/Singapore. @mcdaidc

Links:

Similar Presentations: