This event has ended

Fraud and Risk Round Table Discussion: Banking Malware Detection and Fraud Prevention

Minded Security

Friday, July 3, 2015 from 9:30 AM to 10:30 AM (BST)

Ticket Information

This event is invite-only

You need an invitation to register for this event. Contact the host to find out more.

Event Details

As a risk-fraud manager, are you aware of banking malware risks? Last February a huge email spam campaign spread the banking malware called Dyreza (also known as Dyre) to several bank customers in the UK as well as in the USA. First reported last year (2014) in June, Dyreza was identified by malware researchers as a new strain of online banking malware that spreads through phishing attacks. Dyreza is usually sent by "malware droppers" to bank customers via PDF attachments in malicious emails. These emails are crafted to appear to come from the customer's own bank. When the bank customer clicks on the PDF attachment, Dyreza is installed and executed on their computer and ‘hooks’ code in the bank customer's browsers. Once installed, the malware intercepts online banking credentials when the bank customer tries to log on. One of the special features of Dyreza is that it steals all the data traffic between the customer and the bank. Because Dyreza uses standard SSL over standard ports, exfiltration traffic looks no different to legitimate traffic. The main objective of Dyreza is to steal money from bank customers while avoiding detection by fraud detection systems. Dyreza can evade these systems by stealing amounts of money that stay under the threshold of fraud detection rules. Money is stolen by transferring it to the bank account of an intermediary, referred to as a “money mule”, who then passes it on to the fraudster. Stolen banking data is used by the fraudsters for identity theft, bank account application fraud, card-not-present fraudulent transactions, money laundering and even for counterfeiting credit and debit cards.

Banking malware such as Dyreza attacks both business and commercial bank customers, and the responsibility for mitigating the risk of fraud from banking malware attacks is often placed in the hands of those customers. For example, banks may advise their customers to be vigilant about unsolicited emails and to download anti-virus (AV) software to their desktops. Unfortunately this is often not enough to prevent malware infection and fraud, not least because social engineering is still the weakest link in malware security. A sounder approach from a fraud and risk management perspective is to invest in web fraud detection and prevention measures. But before investing in web fraud detection it is important to analyse what a fraud risk manager can do to protect the bank's customers from malware compromise and the bank from wire fraud losses. Some possible solutions are being discussed during this round table:

1) Threat Analysis and Attack Modeling: these can be used to understand how banking malware can breach multiple layers of defences. With banking malware such as Dyreza, for example, banks must assume that the first layer of defence - the human firewall - will fail at least some of the time. It only takes a customer to click on a PDF, after all. Since Dyreza can steal certificates, banks must also assume it can bypass SSL security. Threat analysis and attack modeling can also be used to analyze the TTPs (Tools, Tactics and Procedures) and attack vectors used by Dyreza.

2) Attack Simulation Tests: banks can conduct attack simulation tests in order to simulate the attacks using the various techniques used by the attackers. These tests can be used to identify control weaknesses of the online banking site, such as whether it is able to detect connections requested from customers infected by banking malware and to alert fraud managers when specific malware actions are detected as an indication that account takeover fraud from Dyreza is occurring.

3) Engineering Countermeasures: to mitigate the threat of banking malware, banks should look carefully at which malware detection tools are capable of supporting appropriate action by fraud managers in real time, and of finding and understanding the risk of both known and new strains of malware. Today malware writers continually update their malware to evade detection and to incorporate new types of TTPs and attack vectors. In order to keep up with the growing threat of malware, banks need to be able to adopt anti-malware and web fraud detection solutions that are engineered based upon an updated threat model of these malware attacks. Dyreza may be the latest and most sophisticated type of malware, but it certainly won’t be the last. To detect these new strains of banking malware and to prevent fraudulent money transfers, multi-layered (client and server) agentless web fraud detection solutions are recommended by analysts (e.g. Gartner). (Note: Minded Security Anti-Malware Technology will also be brought to the discussion as one example of a multi-layered agentless web fraud detection solution.)

Meeting Logistics: meetings are held at Level 39 in One Canada Square, London. Each participant in the meeting will receive a complimentary copy of Minded Security Research on malware banking, highlighting the various types of approaches that banks are undertaking to detect and prevent fraud occurring from banking malware. Breakfast will be offered to all meeting participants. Chatham House rules will be invoked prior to the meeting.

Minded Security

Minded Security UK Limited helps businesses build and deliver secure web and mobile applications and manage the security of digital assets to mitigate the risk of cyber-attacks while meeting regulatory compliance requirements. Minded Security serves hundreds of customers in Europe and in the USA with software security services such as vulnerability testing and mobile security assessments, training for software developers and technical managers, and vulnerability testing tools for JavaScript client vulnerabilities and detection of banking malware to prevent wire fraud. Minded Security is a trusted provider of cyber security software and managed services to large businesses and small and medium businesses in different industry verticals including government, Telco, retail, banking and finance. Among Minded Security's large customers are world-known global companies such as Citibank, Google, Yahoo, Visa and Vodafone.
