1 / 22

Beirut – Fall 2015

Special Investigation Commission. Cyber Crimes. Beirut – Fall 2015. Overview.

adas
Download Presentation

Beirut – Fall 2015

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Special Investigation Commission Cyber Crimes Beirut – Fall 2015

  2. Overview During the period extending between 2014 and till date, the SIC received approximately 35 STRs and 80 requests of assistance concerning acts of piracy conducted through the internet that led to the withdrawal or the attempted withdrawal of funds from accounts of natural and legal persons at banks and financial institutions operating in Lebanon, out of which the following two cases:

  3. 1st Case Scenario (1) A local bank reported the following: • On 19/12/2014, the bank executed a transfer for EUR/48,000/ based on a request received from the e-mail of a local company to wire the funds to an account at a bank in a European country. • Shortly thereafter, the bank received another request bearing the signature of the company’s legal or authorized representative to wire the funds to a an account at a bank in another European country.

  4. 1st Case Scenario (2) • Subsequently, the bank executed the transfer in accordance with the instructions received through the 2nd request. • When the foreign exporting company did not receive the funds, it notified the local company. It was revealed that the amended request (2nd request) was received by the local company from an unknown person who had used the e-mail of the foreign company, and presented himself as the manager of the company and as such the trick deceived the local company. • Hence failure to adopt proper Due Diligence procedures may lead to a financial damage.

  5. SIC Decision Sought the assistance of concerned counterpart FIU to do the following: • Provide the full identification details of the name of the account holder to which the funds were wired. • Provide police / judicial records • Identify partners/ business associates of the beneficiary abroad and in Lebanon • Freeze the concerned bank account, in case the funds were not yet withdrawn. Sought the consent of concerned FIUs to disseminate any information that they may provide in this regard to the DISF and GP office.

  6. 2nd Case Scenario (1) A local bank reported the following: • On 10/2/2015, the bank received an e-mail from a customer, to which was attached a file containing written instructions bearing the customer’s signature to execute a transfer for USD /220,000/ to a foreign bank account pertaining to a legal person. • The bank’s suspicion rose due to the following:

  7. 2nd Case Scenario (2) • The customer has never executed in the past transfers having a commercial nature. • He has never sent in the past similar instructions through his e-mail . • The purpose of the transfer is not clear. • The customer’s account reflects an insufficient balance; knowing that he follows upon his accounts properly and is aware of their balances.

  8. 2nd Case Scenario (3) • Since the bank’s procedures stipulates that all payment instructions should not be processed unless verified in writing or over the phone, irrespective of the value of the transfer, the bank contacted the customer who confirmed neither having signed nor sent the instructions through his e-mail. • Subsequently, the CDD measures uncovered the scheme that could have led to a financial damage.

  9. SIC Decision • Provided the information contained in this report to the concerned FIU • Gave its consent to the said FIU to disseminate the information to the local police for intelligence purposes only.

  10. Cybercrimes In light of the SIC strategic analytical function, we conducted a review of the cases on a consolidated basis, where it was revealed that they could be summarized in three categories.

  11. 1st Category Involves the presence of an unknown individual who infiltrates the e-mail of a customer of a bank or establishes a seemingly similar e-mail to contact the bank to execute an outgoing transfer from the customer’s account to an account selected by himself; in turn, the bank undertakes the ordinary due diligence measures and executes the requested transfer; later on, the bank realizes that it is a victim of fraud and piracy.

  12. 2nd Category Involves the presence of an unknown individual who infiltrates the e-mail of an exporting company with which the customer deals or establishes a seemingly similar e-mail to that of the said company to contact the customer to execute an outgoing transfer to an account selected by himself against merchandise or service rendered; in turn the customer executes the requested transfer to realize that he was a victim of fraud and piracy.

  13. 3rd Category Involves the presence of an unknown individual who infiltrates the e-mail of a customer of a bank or establishes a seemingly similar e-mail to contact a foreign importing company (imports merchandise from the customer), asking it to execute an outgoing transfer from its account to an account selected by himself against the purchase of imported merchandise; later on, the foreign importing company realizes that it is a victim of fraud and piracy.

  14. Examples Indicative of Cybercrimes • Receipt by the bank of an e-mail seemingly similar to that of the customer in which the sender requests to execute a transfer to the customer’s account or to a third party account in a foreign country. • E-mail sender pretends to be in a hurry or to have an urgent matter or to have changed his banking account and can not be reached by phone or fax. • Receipt by the bank of an e-mail from the customer in which he requests to execute a transfer to an account other than that of the company that he regularly deals with.

  15. Examples Indicative of Cybercrimes • Receipt by the customer of an e-mail seemingly similar to that of the company that he regularly deals with in which the sender requests to execute a transfer to an account other than that of the company. • Receipt by the customer of an e-mail from the company that he regularly deals with in which the sender requests to execute a transfer to a third party bank account against the purchase of merchandise from the said company.

  16. Examples of Seemingly Similar E-mails If we assume that the actual e-mail is Claire.fg1@gmail.com, seemingly similar e-mails could be as follows: • Claire.fq1@gmail.com • Claire.fgl@gmail.com • Cliare.fg1@gmail.com • Clare.fg1@gmail.com • Others

  17. Suggested CCD Measures • Maintain a Global Address List or a list of the e-mails of your customers on your computer. • Always initiate a new e-mail by referring to the list • Never make a reply to an e-mail, even if you identify your customer as the e-mail sender. • Pay attention to any discrepancy between the e-mail address of the customer and that of the sender • Pay attention to any grammatical mistakes (i.e. god day instead of good day, etc…

  18. Suggested CDD Measures • Usually the e-mail letter is addressed in general and not to any specific person (i.e. Dear staff member, or Dear customer…) • Pay attention to any change in the payment instructions. • Never execute instructions to wire money out of your customer’s account without confirming said instructions by a telephone call. • Phone confirmations should be made by staff who knows your customers and most often speaks to them over the telephone.

  19. Suggested CDD Measures • Always send a carbon copy of your e-mails to your supervisor to warrant dual control. • Allow your system to generate automated carbon copies of your e-mails to your supervisor to warrant dual control. • Consider to do the following before the execution of the transfer: • Either notify your customer via SMS text message • Or ask your customer via SMS text message to contact you to verify the authenticity of the transaction

  20. Suggested Due Diligence Measures • Obtain senior management approval before executing transfers that exceed a certain designated threshold. • Ensure that insurance policies pertaining to the bank cover the risks associated with such transactions.

  21. Suggested Due Diligence Measures Notify customers to refrain from executing transfers to foreign exporting companies or from the shipment of merchandise to foreign importing companies before confirming, via a telephone call, the payment instructions dispatched or received through the e-mail.

  22. THANK YOU

More Related