Frauds, Scams and Financial Euphoria: Jack Lang
Jack Lang
***Health Warning*** DO NOT TRY THIS AT HOME
You will meet strange new people and change your life... not for the better.
It's easy to steal. It's much harder to enjoy the proceeds.
Straightforward dishonesty
- False accounting
- Insider abuse
- False goods
- False customer claims
- Credit cards etc: Attacks and countermeasures
- Identity theft
- Long firm
- Con tricks
- Telco fraud
- TV decoders
- Hack attack: blackmail
- DoS attacks
- Ponzi schemes
- Lotteries
- Financial Euphoria
- Insider trading: Guinness, and others
- Boiler room schemes
- Money laundering: layering
- Enron, false customer numbers, churn
- Follow the money
System weaknesses
Unreal Maths
Institutional fraud
Countermeasures
Dishonesty
Countermeasures: Cleanliness:
- Double entry book-keeping; asset register; purchasing system
- Separation of front and back-office functions
- 2 signatures for critical functions (e.g. cheques)
Credit Cards
Dishonest merchants
Fake goods
- Medicines
- Fashion goods
- Tickets
- Jewelry
Dishonest customers
Credit Cards
- Originally fraud risk borne by banks
- Introduction of mail order and telephone (and web) order (MOTO): risk for transactions with the cardholder not present passed to merchant.
- MOTO have lower floor limits, and in delivery only to cardholder address
- Not possible to check addresses for e-delivery, or overseas (or services like Worldpay)
- 40% fraud for some sites
- PayPal fraud
Traditional frauds:
- Stolen cards
- Pre-issue
- Identity theft
Credit Cards
Evolution of forgery
Attack | Countermeasure
Simple copy | Hologram
Alter embossing | Check mag strip
Emboss mag strip # | TDC
Make up strip | CVV, CVC
Skimming | Intrusion detection
Free Lunch
False Identity
Legend:
- e.g. Giles Stanley Murchison
- Date of Birth -> Birth certificate -> Passport
- Passport + Utility Bill -> Bank Account
- Bank Account -> Credit Card
- -> NHS record, Employment benefit
- Email address (e.g. Hotmail, NetIdentity)
- Telephone entry
Stolen identity
- Credit card + PIN
- Bank account + Utility Bill (fake)
- Online trail
Phishing
- Please enter your bank/card details....
- Fake banks
Mule Recruitment
- Receive money into bank account; remit by non-repudiable route, e.g. Western Union
- Proportion of spam devoted to recruitment shows that this is a significant bottleneck
- Aegis, Lux Capital, Sydney Car Centre, etc., etc.: mixture of real firms and invented ones
- Only the vigilantes are taking these down; the impersonated are clueless and/or unmotivated
- Long-lived sites usually indexed by Google
http://www.419eater.com/
Con tricks
Setup
- Select the mark
- Establish credibility
Sting
- Special limited time offer
- Things are not what they seem
Shut-out
Exit route
Overpaid cheques
- You sell some goods on eBay etc
- Or are told you have won a prize/lottery
- You are sent a cheque for too much
- You send a refund
- The original cheque bounces... bank claims back the money
System weaknesses
- TV decoders
- Blocking
- Fake cards
- Hack attacks: blackmail
- DoS attacks
- Industrial Espionage
Over rated!
Telco Frauds
Internal (examples):
- Illicit provisioning
- Illicit routing
- Suppression of billing data
- False credits to customer accounts
- Changing class of service to make a prepaid phone look like a post paid and avoid decrementation.
External:
- Subscription fraud including id theft or lie
- Commission fraud
- T'ing in or clip on (connecting a handset to someone else's line)
- Direct Inward System Access (e.g. hacking through a PBX to get an onward line)
- Cloning (now possible in GSM and very dangerous in a roaming situation)
- Redirection
- Using the phone for a false identity
- Export scam
Unreal Maths
Ponzi schemes
- Named after Carl Ponzi, who collected $9.8 million from 10,550 people (including of the Boston Police Force) and then paid out $7.8 million in just 8 months in 1920 Boston by offering profits of 50% every 45 days.
- Much older
- Pay early investors from later capital
- Pyramid selling (Multi-Level Marketing)
- MM Albania
More Maths
Lotteries
- Tax on the poor and the ignorant
- How Casanova made his money
- Not all promoters are honest!
Financial Euphoria
- Tulipmania (1637)
- South Sea Bubble (1720)
- Railways (1849)
- Radio and Aeroplanes (1920)
- Dot.Com
- J.K. Galbraith
- Chinese walls (and whispers)
- Money laundering: Layering
- Getting it into and out of the banking system
- Bureau de Change & offshore banks
- Disguise as legitimate business
Fraud?
Cambs firm slated over share hike
BAD PRESS has hit Cambridgeshire varicose veins firm DioMed. The company, which is listed on the U.S. Nasdaq exchange, has become a target for the New York Post. The paper claims the company, originally a spin-out from Generics Group at Harston, is enjoying an unwarranted hike in its share price following the efforts of a stock promoter who has a large holding stashed away in the Cayman Islands.
"DioMed is exactly the sort of stock that should send any normal person fleeing the room at the mere mention of its name: suspect auditor (Andersen in the U.S.), offshore accounts, weird product, teeny-weeny revenues, board members with back stories -- this stock's got it all, the complete package," the New York Post says.
DioMed's share price has risen more than 200 per cent to $7 this year, the greatest gain of any listed stock on Wall Street in this period.
CEN 27th Mar 2002
False assurances
Enron BP Golden Share Murdoch
Bad statistics
- Unemployment, hospital waiting lists
- Telco/cable customer numbers, churn
- Web-site clicks, adverts
Euphoria
- 3G Telco licences
- Privatisations
Countermeasures
Caution
- If something is too good to be true, it probably is!
- RISK ASSESSMENT
Cleanliness
- 2-person working/separation of function
- Conventional double-entry bookkeeping
- Audit Culture