Abstract
 

Paper Title

A Tour of the Fraud Underground

Author(s)

Jesse Gough (USA), Sr. Security Researcher, Symantec Corporation.

Time

12 December, Friday, 10:55 - 11:35.

 

 

This presentation examines the structure and methodology of the groups and individuals responsible for online fraud. We attempt to profile the various players that comprise fraud communities, demonstrate the relationships and social structure between such individuals, and provide technical analyses of the tools and attacks currently employed. To provide a 360-degree view into the underground world of online fraud, we analyzed data from numerous sources, including forensic analysis of compromised honeypot systems that were used for phishing scams, active monitoring of discussion forums and IRC channels used to make transactions and establish relationships, and binary analysis of the crimeware that is used to enable such activity. Some of our findings include the following:

1. The development of malicious code is often a regular, full-time activity. Developers may even be employed to produce malicious code, and several development teams in various locales may be collaborating on such projects.

2. Besides using the Internet to prey upon victims, fraudsters also go online to “support” each other, to trade their particular expertise, to barter stolen credit card numbers, and to establish relationships. Many also establish reputations as reputable vendors, and take their roles very seriously.

3. Many of their techniques lack sophistication, but are still effective enough to produce rewards.

4. Most disturbing is the relative ease with which an unskilled novice can enter the world of online fraud and use the many online tools, forums, and tutorials that will walk them through practically all the steps and techniques they need to defraud others for financial gain.

5. Perhaps the biggest adversary of the online scammer is a rival scammer. There is little honor among thieves, and it is not uncommon for these criminals to scam each other, or to oust other individuals by exposing their personal information both to the criminal community at large and to law enforcement.