NCFTA – Cracking Down on Cyber Crime
Cyber crime today is becoming increasingly complex and international in nature. A domestic cyber breach can quickly change into a convoluted, on-line ID theft or global money laundering matter. To effectively address such crimes, organizations must quickly identify and leverage the most complete intelligence and be capable of following that trail.
The NCFTA functions as a conduit between private industry and law enforcement with a core mission to identify, mitigate and neutralize cyber crime. In an effort to streamline intelligence exchange, the NCFTA will often organize SME interaction into threat-specific initiatives. Once a significant online scheme is realized and a stakeholder consensus defined, an initiative is developed wherein the NCFTA manages the collection and sharing of intelligence with the affected parties, industry partners, appropriate law enforcement, and other SMEs.
NCFTA Initiatives
CyFin
The CyFin initiative is dedicated to identifying, mitigating, and neutralizing cyber threats targeting the financial services industry. As a predecessor to the initiative, the Stock-Aid initiative was started in February 2007 in an effort to provide a collaborative forum in combating online stock manipulation schemes. The “account compromise” aspect of this initiative stemmed from phishing [...]
Reshipping
This joint initiative is focused on developing intelligence regarding the concealment of the true recipients of merchandise purchased with stolen payment credentials. Taking over existing legitimate shipping accounts through a variety of online methods, shipping fraud, reshipping, and the credit card fraud associated with it currently cost the US economy almost $1 billion per year. [...]
Digital Phishnet
The Digital Phishnet (DPN) initiative was developed jointly with various law enforcement and industry stakeholders, including Microsoft, Earthlink and Google, as a means to better collect and develop intelligence regarding the highest priority sophisticated phishing attacks (i.e. attempts to obtain personally identifiable information (PII) typically via emails misrepresenting legitimate entities). The DPN initiative also seeks [...]
Pharmacy
In order to address the serious and growing problem of illicit online pharmaceutical sales, the NCFTA established the Pharmaceutical Fraud Initiative (PFI), in partnership with the Federal Bureau of Investigation’s Cyber Initiative and Resource Fusion Unit (CIRFU), and the Internet Crime Complaint Center (IC3). The purpose of this initiative is to provide a neutral forum [...]
Malware & Botnet
The Malware & Botnet initiative is dedicated to better understanding the technology and identifying individuals or groups who utilize malicious code to enable crimes. The NCFTA maintains a collection of data regarding malicious code incidents, the network architecture being utilized to execute the schemes, and the communication channels implemented in these architectures. [...]
Internet Fraud Alert
What is Internet Fraud Alert? Internet Fraud Alert (IFA) is a system that functions as a centralized clearinghouse and alerting mechanism allowing trusted participants to report compromised credentials that have been uncovered online. Once reported, IFA will issue an alert to the relevant financial institution or other service provider indicating its customer’s credentials have been [...]
NCFTA Cyber Alerts
Email Compromise and Wire Fraud
The NCFTA, along with its law enforcement and industry partners, has observed that cyber criminals are gaining access to compromised email accounts and leveraging the relationship between the email account holder and their financial advisor to request unauthorized wire transfers. The criminals either use the existing email address or slightly change the email address by adding or supplementing a letter or number. The criminals then typically attempt to socially engineer the advisor through stories of hardship or loss in order to justify the wire transfer.
Once the criminals have verified the amount in the account, they request that funds be sent to bank accounts in the US, Australia, and Malaysia. Some of the funds sent to US and Australian accounts have ultimately been sent to Malaysian accounts. Some of the money mules were recruited by romance scams on dating websites. Banks, brokerage firms, and credit unions of all sizes have been affected by this scam.
Please see http://www.ic3.gov/media/2012/EmailFraudWireTransferAlert.pdf for additional information on this scam and guidance on how to report such incidents to law enforcement.