Disrupting BEC Attacks Utilizing Kill Chain

Explore trends in business email compromise (BEC) and learn how the financial service industry combats this $26 billion problem in this 50-minute RSA Conference talk. Gain insights into BEC criminal gangs' tactics, techniques, and procedures, as well as BEC intelligence gathering and disruption methods. Discover FS-ISAC's groundbreaking fraud intelligence sharing initiatives. Delve into topics such as BEC attack examples and definitions, the role of banks in prevention, data handling in attacks, email address verification, vendor email compromise, and the challenges of operating in the "gray zone." Examine deep dives into OASIS, vendor compromise, fraudulent transaction identification, customer authentication, romance scams, fresh account reporting, mule accounts, API automation, gift card vectors, and payroll diversion.

Introduction
How many of you like me
BEC attack example
BEC attack definition
How in the world is it
How banks can help
What can we do
What actually happens
What happens to your data
An anonymized list
Verifying email addresses
Generating targets
Vendor email compromise
The gray zone
What we were able to do
Over some period of time
Putting it all together
Why this is such a big problem
Deep Dives
Questions
OASIS
Vendor Compromise
Identifying Fraudulent Transactions
Authentication of Customers
Romance Scam
Reporting Fresh Accounts
Vendor Email Accounts
How Many Mules
Mule Accounts
API
API Automation
Gift Card Vector
Payroll Diversion
Thank you