Archive for the ‘financial crime and fraud’ Category

Report on Cybersecurity Practices

February 26, 2015 Comments off

Report on Cybersecurity Practices (PDF)
Source: Financial Industry Regulatory Authority

Like many organizations in the financial services and other sectors, broker-dealers (firms) are the target of cyberattacks. The frequency and sophistication of these attacks is increasing and individual broker-dealers, and the industry as a whole, must make responding to these threats a high priority.

This report is intended to assist firms in that effort. Based on FINRA’s 2014 targeted examination of firms and other related initiatives, the report presents FINRA’s latest work in this critical area. Given the rapidly evolving nature and pervasiveness of cyberattacks, it is unlikely to be our last.

A variety of factors are driving firms’ exposure to cybersecurity threats. The interplay between advances in technology, changes in firms’ business models, and changes in how firms and their customers use technology create vulnerabilities in firms’ information technology systems. For example, firms’ Web-based activities can create opportunities for attackers to disrupt or gain access to firm and customer information. Similarly, employees and customers are using mobile devices to access information at broker-dealers that create a variety of new avenues for attack

The landscape of threat actors includes cybercriminals whose objective may be to steal money or information for commercial gain, nation states that may acquire information to advance national objectives, and hacktivists whose objectives may be to disrupt and embarrass an entity. Attackers, and the tools available to them, are increasingly sophisticated. Insiders, too, can pose significant threats.

This report presents an approach to cybersecurity grounded in risk management to address these threats. It identifies principles and effective practices for firms to consider, while recognizing that there is no one-size-fits-all approach to cybersecurity.

2014 Fifth Annual Study on Medical Identity Theft

February 24, 2015 Comments off

2014 Fifth Annual Study on Medical Identity Theft
Source: Medical Identity Fraud Alliance

The 2014 Fifth Annual Study on Medical Identity Theft measures the prevalence, extent and impact of medical identity theft to consumers and the healthcare industry in the United States. The study was sponsored by the Medical Identity Fraud Alliance (MIFA) with support from MIFA Founding Member companies Kaiser Permanente, ID Experts Corporation, Experian Data Breach Resolution and Identity Finder, LLC, and conducted by the Ponemon Institute.

The incidence of medical identity theft continues to rise. This most recent report shows that it has nearly doubled since the first study five years ago. In 2014, there were almost 500,000 more victims than in 2013.

The out-of-pockets costs to victims has also grown, with twice as many victims experiencing financial costs to correct their medical identities and deal with the resulting problems.

And victims continue to experience serious risks related to their healthcare as a result of being victimized, such as misdiagnosis, mistreatment and delayed healthcare.

free registration required2

IRS Completes the “Dirty Dozen” Tax Scams for 2015

February 19, 2015 Comments off

IRS Completes the “Dirty Dozen” Tax Scams for 2015
Source: Internal Revenue Service

The Internal Revenue Service wrapped up the 2015 “Dirty Dozen” list of tax scams today with a warning to taxpayers about aggressive telephone scams continuing coast-to-coast during the early weeks of this year’s filing season.

The aggressive, threatening phone calls from scam artists continue to be seen on a daily basis in states across the nation. The IRS urged taxpayers not give out money or personal financial information as a result of these phone calls or from emails claiming to be from the IRS.

Phone scams and email phishing schemes are among the “Dirty Dozen” tax scams the IRS highlighted, for the first time, on 12 straight business days from Jan. 22 to Feb. 6. The IRS has also set up a special section on highlighting these 12 schemes for taxpayers.

See also: IRS Warns Tax Preparers to Watch out for New Phishing Scam; Don’t Click on Strange Emails or Links Seeking Updated Information

The Causes and Consequences of Financial Fraud Among Older Americans

February 18, 2015 Comments off

The Causes and Consequences of Financial Fraud Among Older Americans
Source: Center for Retirement Research at Boston College

Financial fraud is a major threat to older Americans, and this problem is expected to grow as the baby boom generation retires and more retirees manage their own retirement accounts. We use a unique dataset to examine the causes and consequences of financial fraud among older Americans. First, we find that decreasing cognition is associated with higher scam susceptibility scores and is predictive of fraud victimization. Second, overconfidence in one’s financial knowledge is associated with fraud victimization. Third, fraud victims increase their willingness to take financial risks relative to propensity-matched non-victims.

IRS and US-CERT Caution Users: Prepare for Heightened Phishing Risk This Tax Season

February 4, 2015 Comments off

IRS and US-CERT Caution Users: Prepare for Heightened Phishing Risk This Tax Season
Source: US-CERT

Throughout the year, scam artists pose as legitimate entities—such as the Internal Revenue Service (IRS), other government agencies, and financial institutions—in an attempt to defraud taxpayers. They employ sophisticated phishing campaigns to lure users to malicious sites or entice them to activate malware in infected email attachments. To protect sensitive data, credentials, and payment information, US-CERT and the IRS recommend taxpayers prepare for heightened risk this tax season and remain vigilant year-round.

SEC Alerts Investors, Industry on Cybersecurity

February 3, 2015 Comments off

SEC Alerts Investors, Industry on Cybersecurity
Source: U.S. Securities and Exchange Commission

The Securities and Exchange Commission today released publications that address cybersecurity at brokerage and advisory firms and provide suggestions to investors on ways to protect their online investment accounts.

One publication, a Risk Alert from the SEC’s Office of Compliance Inspections and Examinations (OCIE), contains observations based on examinations of more than 100 broker-dealers and investment advisers. The examinations focused on how these firms:

  • Identify cybersecurity risks
  • Establish cybersecurity policies, procedures, and oversight processes
  • Protect their networks and information
  • Identify and address risks associated with remote access to client information, funds transfer requests, and third-party vendors
  • Detect unauthorized activity

The second publication, an Investor Bulletin issued by the SEC’s Office of Investor Education and Advocacy (OIEA), provides core tips to help investors safeguard their online investment accounts, including:

  • Pick a “strong” password
  • Use two-step verification
  • Exercise caution when using public networks and wireless connections

Bitcoin scams steal at least $11 million in virtual deposits from unsuspecting customers; First empirical study of its kind identifies fraud on seemingly legitimate web sites purposely designed to steal customers’ funds

February 2, 2015 Comments off

Bitcoin scams steal at least $11 million in virtual deposits from unsuspecting customers; First empirical study of its kind identifies fraud on seemingly legitimate web sites purposely designed to steal customers’ funds
Source: Southern Methodist University

Fraudulent schemes have scammed at least $11 million in Bitcoin deposits from unsuspecting cyber customers over the past four years, according to new cyber security research from Southern Methodist University, Dallas.

Bitcoin is the digital world’s most popular virtual currency, with millions in circulation.

In the first empirical study of its kind, SMU researchers found that hucksters used four different types of schemes through authentic-looking web-based investment and banking outlets to lure customers and heist deposits, said computer security expert Marie Vasek, lead researcher on the study.

“Our calculation of $11 million is almost certainly at the low-end,” said Vasek. “The amount of Bitcoin that depositors have lost to these scams is probably many millions more.”

Typically the scams succeed by exploiting not only people’s greed, but also the urge to “get rich quick,” coupled with the inability to judge the legitimacy of web services to decide which financial sites are good or bad, said Bitcoin and cyber security expert Tyler W. Moore, co-researcher on the study.


Get every new post delivered to your Inbox.

Join 1,013 other followers