Threat radar
The threat radar gives you an overview of the current most prominent threats, compiled out of open source information and reports. Further below, detailed information about 15 of the most common modi operandi can be found.
Julius Baer continuously assesses the level of fraud risks and identifies relevant attack vectors and emerging crime threats and trends. Based on our assessment, we continuously adapt our risk framework in order to minimise the risks for our clients, partners, employees, and the bank.
Modi Operandi "Manipulation"
Phishing
The word phishing is a contraction of the words ‘Password’, ‘Harvesting’ and ‘Fishing’. Fraudsters phish in order to gain confidential data from unsuspecting internet users. This may, for example, be access to e-mail account data, online sales platforms or internet banking.
SMishing
Similar to SIM swapping, SMishing has seen an increase recently. SMishing is a portmanteau of ‘SMS’ and ‘phishing’, and generally refers to the misuse of SMS, but increasingly also of instant messaging apps like WhatsApp, as an attack vector for stealing sensitive data such as access data, passwords, credit card details, and account information. The fraudulent message will typically ask you to click on a link or call a phone number in order to ‘verify’, ‘update’, or ‘reactivate’ your account. However, the link leads to a bogus website and the phone number leads to a fraudster pretending to be the legitimate company.
Social engineering
Social engineering attacks take advantage of people’s helpfulness, credulity, or lack of self-confidence in order to prompt them to perform certain actions.
Social Engineering is still one of the key drivers for many fraud attacks and it is extensively used by all types of cybercriminals. This technique uses deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes. Social engineering has increased in both volume and sophistication.
Fake news
‘Fake news’ fraud is nothing new. Dis-information is false information shared with the explicit intention to deliberately mislead its audience. Fake news is distributed to lure us in and encourage us to click on malicious links or even call the fraudster directly. This kind of news has become even more popular during the pandemic due to the increased need for information.
Supply chain & third-party fraud risk
The diversified supply chain that characterises the technology industry today provides new opportunities for threat actors to take advantage of these complex systems and exploit the multiple vulnerabilities introduced by a heterogeneous ecosystem of third-party providers. The idea is that key suppliers or vendors of a company or clients may be more vulnerable to attack than the primary target, making them weak links in the target’s overall network.
Modi Operandi "Fraudulent Investments"
Investment scams
Common investment scams may include lucrative investment opportunities such as shares, bonds, cryptocurrencies, rare metals, overseas land investments, or alternative energy. Fraudsters often pretend to be from reputable financial institutions by misusing the brand, setting up fake websites and e-mail accounts, and creating false documents. Another scenario is ‘Pig butchering’, which is a combination of romance scam and investment fraud. With this modus operandi criminals build a trust relationship with the victim (mainly over social media platforms) and convince them to invest savings in fraudulent cryptocurrency trading platforms. The scam is perpetrated over time, resulting in the loss of large amounts of money.
Crypto fraud
Cryptocurrency has gotten lots of attention as a new way to invest, but keep in mind, scammers are taking advantage of people’s understanding (or not) of crypto investments and how they work. As the popularity of cryptocurrency continues to rise, so do the online scams associated with those digital currencies. When there are large amounts of money to be made or lost, that is when scammers come in. Cryptocurrency investment scams can happen in many ways, but they’re all full of fake promises and false guarantees.
Online fraud
As the popularity of internet shopping and online auctions grows, so the number of complaints about transactions is increasing. Some of the most common complaints involve:
- buyers receiving goods late, or not at all
- sellers not receiving payment
- rented apartments, holiday homes do not exist
- buyers receiving goods that are either less valuable than those advertised or significantly different from the original description
- failure to disclose relevant information about a product or the terms of sale.
If you are a victim of shopping or auction fraud, the most immediate problem is that you have no real prospect of returning the goods or having your money refunded. After this, there is a risk that your identity details could be compromised. Fraudsters could steal your identity and use it to access your personal finances or obtain goods or finance from alternative sources.
Advance fee fraud
Advance fee frauds involve victims paying money in the hope of receiving something of greater value. This type of fraud takes on a myriad of forms, but they share some characteristics in common. Defrauders will often reach out to an investor and offer to pay an exorbitant price for securities owned by the investor, even if these securities are nearly worthless. The investor is sometimes referred to fake website that the defrauder uses to build credibility. The defrauder may pose as a regulator. Once the investor has paid a fee, the defrauder will disappear, and the investor loses the money that they paid.
Elder fraud
Each year, millions of elderly people fall victim to some type of financial fraud or confidence scheme, including romance, lottery, and sweepstakes scams, to name a few. Criminals will gain their targets’ trust and may communicate with them directly via computer, phone, and the mail; or indirectly through the TV and radio. Once successful, scammers are likely to keep a scheme going because of the prospect of significant financial gain.
Modi Operandi "Payment Fraud"
Business e-mail compromise (BEC-/CEO-Fraud)
Business e-mail compromise or transfer fraud is a type of scam where fraudsters search for existing electronic invoices in compromised e-mail accounts of individuals or company employees, or accounts of an online collaboration platform, give them a different IBAN and resend them.
So-called “CEO fraud” is an unscrupulous scam tactic. It involves company employees with direct payment authority receiving an e-mail from one of their superiors asking them to initiate a payment to a certain recipient as soon as possible. In reality, though, the sender address is faked, with a fraudster hiding behind it.
SIM swapping
SIM swapping is a new trend. This modus operandi has received considerable attention recently, with law enforcement agencies noticing a significant rise in cases in the EU. SIM swapping is a type of account takeover and refers to the circumvention of SMS-based two-factor-authentication to access sensitive user accounts. Criminals fraudulently swap or port the victim’s SIM to one in the criminal’s possession in order to intercept the one-time password (OTP) step of the authentication process.
Authorised push payment scam (APP)
Authorised push payment (APP) scams happens when a person or business is tricked into sending money to a fraudster posing as a genuine payee. These types of scams can have a devastating impact on the people who fall victim to them. Criminals’ use of social engineering tactics through deception and impersonation scams is a key driver of authorised push payment scams. Typically, this involves the criminal posing as a genuine individual or organisation and contacting the victim using a range of methods including via the telephone, email and text message. Criminals also use social media to approach victims, using adverts for goods and investments which never materialise once the payment has been made.
Ransomware
Ransomware (also known as encryption trojans or blackmail trojans) is a specific family of malware, which encrypts data on the victim’s computer and on network shares, thereby making the data unusable for the victim. The ransomware subsequently displays a ‘locked screen’ requesting that the victim pay a specific sum in the form of bitcoins (internet currency) to the attackers so that the data can be decrypted.
Vishing (remote/teleworking support scams)
Many financial institutions have recently been facing a strong increase in ‘teleworking support scams’, whereby the fraudster pretends to be from the IT support team of the bank and asks for remote access to a person’s IT infrastructure at home. The attack is combined with fraudulent e-mails containing malicious links. Fraudsters want the victims to click on their links. Malware is subsequently installed on their computer. The same modus operandi can be used to get the credentials to e-banking accounts (vishing = voice phishing).