1 / 20

What ’ s on the Agenda Today!

Top Fraud Trends in 2011 Is Your Credit Union Prepared to Prevent Today ’ s Top Fraud Threats? Utah Credit Union Association Volunteers Conference October 22, 2011. What ’ s on the Agenda Today!. What are you experiencing or hearing? What are the criminals up to in 2011?

neona
Télécharger la présentation

What ’ s on the Agenda Today!

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Top Fraud Trends in 2011Is Your Credit Union Prepared to Prevent Today’s Top Fraud Threats?Utah Credit Union AssociationVolunteers ConferenceOctober 22, 2011

  2. What’s on the Agenda Today! What are you experiencing or hearing? What are the criminals up to in 2011? What can we do to help minimize the fraud risk exposure? Open for questions

  3. Fraud Landscape in 2011 • Fraud is not going away! • Criminals are organized worldwide • Not a matter of “IF”, but “WHEN” you are attacked • Identify, assess and measure critical risk • Utilize effective controls to manage critical risk

  4. What are you experiencing or hearing? • Card exposure • Skimming vs breaches • Wire attempts • Phone, fax or email • Insider dealings • Compromise of data/funds • System intrusions • Hacking into a electronic device

  5. What’s up with the Card Exposure? • Data breaches • hackers getting into the systems to capture card information • Phishing (email/phone/text) • member’s giving up their information • Kiting –business card with a consumer card

  6. What’s up with the Card Exposure? • Skimming • capturing the magnetic stripe from the legitimate cardholder’s card • Card-Not-Present – criminal capturing enough card information to perform a transaction over the phone or on the internet • PIN fraud -Goal is cash!

  7. Card Prevention Measures • Fraud management system • CVC, CVC, CV, CID • Expiration date matching • Daily dollar limits • CVV2/CVC2/ • Other tools available – must deploy…….. • Review losses to see how the criminals are getting in is key!

  8. What’s up with Wire Fraud? • Finding an easy target • Request wire over the phone/fax/email • Call forwarding member’s phone number(s) • Phishing for member information • Large wire request (excess of $10,000.)

  9. Action Steps to help Combat Wire Fraud • Consider only face-to-face wire request • Lower outgoing $ amount for wire request not requested in person • Create a wire transfer agreement form with each member requesting a wire – signed by both the member and authorized cu employee. • Create a password/passcode with the member as one layer of verification in the agreement form • Create challenge questions with the member in the agreement form • Capture cell, home and work numbers to call back to validate with the member

  10. System Intrusions • The hunt for the hackers hijacking the net • How to protect yourself • Scans the internet for vulnerable server or host computers • Breaks into the weak computers – stashes a “slave” software program and awaits instructions to begin the attack • 2011 is the year of cyber vandals….. • Difficult to nab • Assaults from anywhere in the world • Uses multiple computers to cover their tracks

  11. Action Steps to help Combat System Intrusions • Use antivirus software and update it often • Use a hard to guess password – contains a mix of numbers and letters – longer the password the harder to compromise • Use different passwords for different websites and applications to keep hackers guessing • Install firewall software to screen traffic • Don’t open email attachments unless you know the source • Utilize a dedicated computer for the incoming/outgoing of funds by the credit union

  12. ACH – Account Takeovers • Hacker gets into the home banking/bill payment system • Initiates an outgoing ACH-Credit from the cu’s account or a business member’s account • ACH-Credit is sent to another Financial Institution (Receiving Depository Financial Institution) • Member comes into the receiving financial institution and withdrawals the funds (this may involve 25+ RDFI’s) • Member wires the funds from Western Union per the instructions and keeps a % of the funds

  13. Action Steps to help Combat ACH-Credit Fraud • Confirm all of the proper firewalls and system intrusion software is in place and working effectively to prevent entry • Utilize multi-factor and additional sign-on layers for your members • If the cu is not acting as an ODFI and not initiating ACH-credits-block this type of capability • Set transaction and file dollar limits • Utilize an ACH agreement form outlining the commercially reasonable security measures to be used prior to initiating the outgoing ACH-credit

  14. Emerging Risk Exposures Exposure • Cross-channel threats Prevention • Cross-channel fraud detection • Monitor activity • Online banking • Bill payment • Mobile payments • Cards • ACH • Wires • Loan payments • Deposits • ATM • Over the counter • Remote deposit capture • Manage at a “member level”

  15. Rethink Approach to Managing Fraud Risk • New products • New services • New channels Opens the opportunity for members But also opens the opportunity for fraud • Fraud rings exploit any vulnerabilities they can find!

  16. Enterprise Fraud Strategy • Spot fraud early • Requires solid organizational infrastructure to support efforts • Coordinates fraud detection and interdiction efforts across the entire enterprise • Identify all sources • Tomorrow’s threats as well as today’s

  17. Enterprise Fraud Management – The Vision • Establish a framework for enterprise wide deployment of fraud resources: • Gather and cross-match fraud-relevant data from all product lines, organizational units and geographic regions of the enterprise • Analyze the data……connect the dots……spot large-scale fraud attacks early in their life cycle

  18. Enterprise Fraud Management – The Vision • Prioritize alerts based on the level of risk that they pose to the entire enterprise • Plan and execute focused countermeasures to combat large-scale attacks • Develop and support highly skilled and motivated fraud teams to carry out task quickly and efficiently

  19. Thank you for working together in 2011 to manage risk! Questions? Ann Davidson CUNA Mutual Group Senior Consultant, Risk Management ann.davidson@cunamutual.com

More Related