NCFTA Initiatives
CyFin
The CyFin initiative is dedicated to identifying, mitigating, and neutralizing cyber threats targeting the financial services industry. As a predecessor to the initiative, the Stock-Aid initiative was started in February 2007 in an effort to provide a collaborative forum in combating online stock manipulation schemes. The “account compromise” aspect of this initiative stemmed from phishing [...]
Reshipping
This joint initiative is focused on developing intelligence regarding the concealment of the true recipients of merchandise purchased with stolen payment credentials. Taking over existing legitimate shipping accounts through a variety of online methods, shipping fraud, reshipping, and the credit card fraud associated with it currently cost the US economy almost $1 billion per year. [...]
Digital Phishnet
The Digital Phishnet (DPN) initiative was developed jointly with various law enforcement and industry stakeholders, including Microsoft, Earthlink and Google, as a means to better collect and develop intelligence regarding the highest priority sophisticated phishing attacks (i.e. attempts to obtain personally identifiable information (PII) typically via emails misrepresenting legitimate entities). The DPN initiative also seeks [...]
Pharmacy
In order to address the serious and growing problem of illicit online pharmaceutical sales, the NCFTA established the Pharmaceutical Fraud Initiative (PFI), in partnership with the Federal Bureau of Investigation’s Cyber Initiative and Resource Fusion Unit (CIRFU), and the Internet Crime Complaint Center (IC3). The purpose of this initiative is to provide a neutral forum [...]
Malware & Botnet
The Malware & Botnet initiative is dedicated to better understanding the technology and identifying individuals or groups who utilize malicious code to enable crimes. The NCFTA maintains a collection of data regarding malicious code incidents, the network architecture being utilized to execute the schemes, and the communication channels implemented in these architectures. [...]
NCFTA Cyber Alerts
Tax Refund Spam
Individuals should be vigilant of emails concerning tax refunds. Fraudsters consistently send spam appearing to be from the IRS and financial institutions containing a link to a phishing website and/or malware typically during tax season in the US. Fraudsters then attempt to either socially engineer potential victims and/or infect their computers in order to gain [...]
Email Compromise and Wire Fraud
The NCFTA, along with its law enforcement and industry partners, has observed that cyber criminals are gaining access to compromised email accounts and leveraging the relationship between the email account holder and their financial advisor to request unauthorized wire transfers. The criminals either use the existing email address or slightly change the email address by adding or supplementing a letter or number. The criminals then typically attempt to socially engineer the advisor through stories of hardship or loss in order to justify the wire transfer.
Once the criminals have verified the amount in the account, they request that funds be sent to bank accounts in the US, Australia, and Malaysia. Some of the funds sent to US and Australian accounts have ultimately been sent to Malaysian accounts. Some of the money mules were recruited by romance scams on dating websites. Banks, brokerage firms, and credit unions of all sizes have been affected by this scam.
Please see http://www.ic3.gov/media/2012/EmailFraudWireTransferAlert.pdf for additional information on this scam and guidance on how to report such incidents to law enforcement.