Online Banking Fraud Investigation

Online banking fraud requires a rapid and competent response. Only the swift and concerted actions of the bank’s security experts, the victimized customer, the independent criminologists, and law enforcement will prevent theft, reclaim funds, and identify and apprehend the criminals. Any delay will seriously hinder the investigative process and may cause irreversible loss of funds. Usually, Group-IB deals with the following situations:

  • theft involving the victimized company’s employees;
  • theft involving malicious software (Trojans);
  • theft involving emails with fraudulent payment instructions.

In the first two cases, identifying the perpetrators is impossible without a comprehensive forensic investigation, which solves the following major problems:

  • restoring the event timeline;
  • identifying signs of employee involvement;
  • disclosing the online banking fraud incident details.

Upon completion of all forensics, all data is transferred to the investigation department. This data is then used to determine any relationships with known criminal groups. Otherwise, a separate case is created for the criminal groups involved in the online banking fraud incident. In general, online banking fraud cases consist of the following stages:

  • searching for signs of internal staff involvement (based on the results of the forensic investigation);
  • detecting malicious software control panels and finding links to other information security incidents;
  • identifying persons providing support to the criminals;
  • receiving detailed information regarding the structure of the malicious software control panel and obtaining evidence of its use in the given incident of online banking fraud;
  • establishing the identity and location of the person controlling the botnet;
  • documenting and packaging all available information to be sent to law enforcement and judicial authorities.

Establishing the identities of the persons responsible is a process which requires special knowledge about the latest techniques used by the criminals. To carry out these tasks, Group-IB actively uses its own unique range of resources:

  • the HoneyNet distributed network;
  • the forensic database containing details of theft investigations;
  • the database containing details of malware investigations;
  • the database containing details of all cases of theft documented by Group-IB’s experts;
  • information on phishing resources;
  • results of previous investigations;
  • the latest intelligence;
  • contacts with similar investigative organizations in 48 countries.

Online Banking Fraud Investigation

Online baking theft may be carried out with either the involvement of the internal staff, or by outside criminals, usually with the aid of malicious software, such as Trojans. The successful outcome of the investigation is the establishment of the identities of the persons responsible, including their physical locations. If a criminal group was involved in the theft, Group-IB’s experts will take the necessary measures to identify all members of the group. The client never pays extra for the identities of any additional perpetrators. At the conclusion of all activities, the client is presented with a comprehensive report, which includes:

  • restored event timeline;
  • detailed descriptions of each step of the investigation with supporting materials;
  • identity information of the persons who gained unauthorized access to the accounts;
  • information of their physical location;
  • recommendations for further legal proceedings against the perpetrators.

Based on the results of the investigation, the client may opt to engage our legal support team in order to begin legal proceedings against the established perpetrators. We always recommend employing our legal support services while investigating instances of online banking fraud. This ensures the perpetrators face inescapable responsibility for the offenses committed, warranting highly probable compensation for damages, thus significantly reducing financial and reputational risks.

Online Banking Fraud Investigation

Each online banking fraud investigation requires an individualized approach, although the goal is always the same: to identify the persons responsible and arraign them. As a result of the investigation into the instance of online banking fraud performed by our experts, you will receive:

  • Damage minimization. Timely detection of theft of funds and immediate contact with Group-IB will block the unauthorized transfers of funds and returns them to the accounts of the victimized company.
  • Identification of unscrupulous employees (insiders). Sometimes the employees of the victimized company are involved in the incident. They may act as accomplices for outside criminals, or commit theft on their own. The investigation will reliably determine the presence of an insider within your company.
  • The ability to seek compensation for damages. Compensating the damages is only possible when the perpetrator has been identified. The major aim of the incident investigation is to find the persons responsible, determine their location, and arraign them.
  • Reduction in the costs of conducting your own investigation. Incorrectly collected evidence, faulty preliminary findings, inadequate documentation, and improper contacting of law enforcement leads to increased costs and loss of valuable time. Engaging an independent team of professionals allows you to avoid critical errors which occur when conducting your own investigations.
  • Impartiality and reliability of the data. Unique methodologies, updated databases, and knowledge of the specifics of computer crime guarantee the speed, reliability, and comprehensiveness of the obtained data regarding the perpetrators. The involvement of the independent experts will provide you with impartiality of the data, even in cases involving the internal staff.
  • Properly executed documentation. The information collected during the course of the incident investigation is documented in accordance with the applicable laws, guaranteeing that the resulting evidentiary base will be reviewed and approved by the law enforcement and judiciary authorities.

Contact Us:

+1 917 809-47-41

More information