Computer Fraud, Identity Theft, and Computer Forensics

1
Computer Fraud, Identity Theft, and Computer
Forensics
Presented by Scott R. Ellis Manager, Forensic
and Litigation Technologies Practice
2

• Computer Fraud and Identity Theft
• What is Identity Theft
• Victim v. Opponent
• What is an Opponent?
• The Old Tricks
• Youve been Hacked
• What NOT to Do
• What TO Do
• Checkmate
• Contact Info

3
What is Identity Theft?
4
Computer Fraud and Identity Theft What is
Identity Theft Victim v. Opponent What is an
Opponent? The Old Tricks
Youve been Hacked What NOT to Do What
TO Do Checkmate Contact Info
5
Victim v. Opponent

• Qualities of a victim
• Inexperienced user
• Experienced user
• Suspecting/unsuspecting Users
• Insecure system
• Secure system
• Access to email
• Uses online banking or other common services
• Any type of person! (except maybe one)

6
Computer Fraud and Identity Theft What is
Identity Theft Victim v. Opponent What is an
Opponent? The Old Tricks
Youve been Hacked What NOT to Do What
TO Do Checkmate Contact Info
7
Qualities of an Opponent

• Doesnt want you to know about him.
• The bigger the trick and the older the trick the
  easier it is to pull. There are two reasons this
  works.
• Wants to reassure you, wants you to feel safe.
• The more sophisticated the game, the more
  sophisticated the opponent.
• He is generous (seemingly).
• When you question it, you will question yourself.
  YOU cant be wrong, right?

8
Computer Fraud and Identity Theft What is
Identity Theft Victim v. Opponent What is an
Opponent? The Old Tricks Youve been Hacked What
NOT to Do What TO Do Checkmate Contact Info
9
The Old Tricks

• The Mole
• The Mole Might be Your Mother (or mine!)

10
The Nigerian How you can get a million dollars
for a small investment of 4,000? Bait and
Switch Check the URL! Boiler Room (Do they even
know the depth of the con?) Cross Site
Scripting The power or right clicking on
links Power of look-alike pop-ups
11
(No Transcript)
12
Methods of the Modern Trick

• When you are being victimized
• In every con there is a victim and an opponent.
• The more control you think you have, the less you
  have.
• You will be fed pieces. (Something free).
• You will have likely installed the malware on
  your computer yourself, knowingly and willingly.
• The opponent will have complete control of the
  environment.
• Checkmate. When it comes you will know it.

13
Method (continued)

• Your weakness will be located with the following
  tricks
• Searches
• Banner ads
• Pop-ups
• Emails from people you know -- enough spam to
  enough people, will trigger a response
• Certified letters
• (eventually one will compel you)

14
Computer Fraud and Identity Theft What is
Identity Theft Victim v. Opponent What is an
Opponent? The Old Tricks Youve been Hacked What
NOT to Do What TO Do Checkmate Contact Info
15
Youve been Hacked

• How do you know?
• Symptoms
• Erratic Behavior windows closing, software that
  wont start, antivirus stops functioning or wont
  update, etc
• Errors at unusual times
• Long boot up times
• Poison Ivy complete system control, microphone,
  webcam control, desktop access.
• Undetectable root kits.
• Metasploit allows hackers to generate payloads
  in many formats.
• DNS Poisoning
• Used to replace content for a set of victims
• Replaces it with the opponents own, malicious web
  site
• SQL Injection

16
Computer Fraud and Identity Theft What is
Identity Theft Victim v. Opponent What is an
Opponent? The Old Tricks Youve been Hacked What
NOT to Do What TO Do Checkmate Contact Info
17
(No Transcript)
18
What NOT to Do

• Do not Panic. Stay Calm.
• Do not continue to use the computer for
  transactions.
• In certain situations, do not even reboot.
• Do not call me (unless you want a forensic
  investigation of the incident!)
• If an identity of the opponent is involved, do
  not attempt to initiate contact.
• Do not think the problem will go away.

19
Computer Fraud and Identity Theft What is
Identity Theft Victim v. Opponent What is an
Opponent? Youve been Hacked What NOT to Do What
TO Do Checkmate Contact Info
20
What TO Do

• Call your credit card companies. All of them.
• Be Honest. Yes officer, I really did believe I
  could help this man retrieve his lost fortune and
  make a nice commission for myself in the process
  by simply depositing 4000 in his checking
  account.
• EVERY DETAIL HELPS
• They just might know his MO.
• Report cybercrime to cybercrime.gov
• Learn to be safe.

21
Credit Reporting Agencies(notice free credit
report .com is not one of them)

• TransUnion Fraud Victim Assistance Department
  Phone 800-680-7289EquifaxConsumer Fraud
  Division Phone 800-525-6285 or 404-885-8000
• Experian Experian's National Consumer
  AssistancePhone 888-397-3742

22
Computer Fraud and Identity Theft What is
Identity Theft Victim v. Opponent What is an
Opponent? Youve been Hacked What NOT to Do What
TO Do Checkmate Contact Info
23
Checkmate

• Dont live in fear.
• Be Safe Dont Click on anything.
• The Hardest Person to Con?
• The most difficult person to con is an honest
  one. The honest person believes in working for
  his reward. Nothing worth having is free.
• But just because you are honest doesnt mean you
  will win at chess!

24
Contact Info
For a copy of this presentation and other
articles published by Scott Ellis, please
contact him at sellis_at_us.rgl.com