Академический Документы
Профессиональный Документы
Культура Документы
Introduction
Purpose
To raise DB staffs awareness on the recent fraud trends and provide advisory on fraud prevention measures. Stopping fraud before it happens is the ultimate goal of a successful prevention and awareness program .
Agenda
Revisiting Fraud. Impact on the Bank. Recent Fraud Scams. Countermeasures against Fraud.
Revisiting Fraud
What is Fraud?
Fraud consists of any false representation of a matter of fact whether by words, or by conduct, by false or misleading allegations or by concealment of that which should have been disclosed, which deceives or is intended to deceive another so that he shall act upon that information, or attempts to do any of the above.
(Source - DB Group Anti Fraud Policy)
Fraud can be accomplished through the aid of fraud objects. Fraud Objects Forged Letters of Credit. Forged Banks Guarantee. Altered Cheque. Skimming (Credit Card / ATMs). Internet Scams. Forged Invoices / Signatures. Identity Thefts (Personal / Corporate).
CSBC date page 3
Phishing
Artificial Word from Password Fishing. Attack on personal information for identity theft. Emails are used to direct users to spoofed websites or solicit for information. Attacks on user-ids, data, PINs, TANs etc. Not a new kind of attack but with increasing perfection.
Industry experts predict there will be
Phishing
Counter-measures
Never provide personal financial information, including your Social Security number, account numbers or passwords, over the phone or the Internet if you did not initiate the contact. Never click on the link provided in an e-mail you believe is fraudulent. It may contain a virus that can contaminate your computer. Install a firewall & anti virus protection on your home computer. Do not be intimidated by an e-mail or caller who suggests dire consequences if you do not immediately provide or verify financial information. If you believe the contact is legitimate, go to the companys web site by typing in the site address directly or using a page you have previously bookmarked, instead of a link provided in the e-mail.
CSBC date page 8
Vishing
Vishing or Voice Phishing is the act of leveraging a new technology called Voice over Internet Protocol (VoIP) in using the telephone system to falsely claim to be a legitimate enterprise in an attempt to scam users into disclosing personal information. Government, financial institutions, as well as online auctions and their payment services, can be targets of Voice Phishing. Methods of transmission: Typically an incoming recorded telephone message uses a spoofed (fraudulent) caller ID matching the identity of a misrepresented organization. The message uses an urgent pretext to direct unsuspecting users to another telephone number. The victim is invited to punch their personal information on their telephone keypad. Criminals capture the key tones and convert them back to numerical format Critical information is at risk, attacks on user-ids, data, PINs etc.
Vishing
Counter-measures
As a general rule, be suspicious when receiving any unsolicited incoming communication. Never provide personal financial information, including your Social Security number, account numbers or passwords, over the phone to non-validated sources. Never rely solely on your telephone caller ID function. Do not be intimidated by an e-mail or caller who suggests dire consequences if you do not immediately provide or verify financial information. If you believe the contact is legitimate, go to the companys web site by typing in the site address directly or using a page you have previously bookmarked, instead of a link provided in the e-mail.
Whistleblower Program
Presently, employees of DB can submit open, confidential or anonymous complaints regarding accounting, internal accounting controls or auditing matters via the Global Compliance homepage.
CSBC Strategy
The Prevention & Mitigation within CSBC aims to act as a focal point for identifying, classifying & responding to criminal activities against DB. Coordinate and conduct investigation into external frauds. Development of counter-measures. Define training standards and provide training on fraud awareness. Leverage on technology to investigate fraud more efficiently. Cooperate with the financial industry to identify and correct systemic weaknesses. Respond to business requests as required.