Скачать презентацию Trade Me Trust and Safety Compliance Governance Liaison Скачать презентацию Trade Me Trust and Safety Compliance Governance Liaison

639c0efd6a7403a0a69ee2acd378cd65.ppt

  • Количество слайдов: 47

Trade Me Trust and Safety Compliance Governance Liaison Trade Me Trust and Safety Compliance Governance Liaison

Trust & Safety Trust & Safety

Why? Giving money to someone you don’t know for something you haven't seen So? Why? Giving money to someone you don’t know for something you haven't seen So? Make people feel safe. People transact where they feel safe. Safety builds trust. Without their trust, there is no business.

How? • Skilled Staff • Online tools • Good Processes • Good Liaison (Govt. How? • Skilled Staff • Online tools • Good Processes • Good Liaison (Govt. /Private)

Online Advice Online Advice

Self Policing Self Policing

Everybody can be a sheriff Everybody can be a sheriff

FEEDBACK RATING ADDRESS VERIFICATION FEEDBACK RATING ADDRESS VERIFICATION

Fraud Indicators • Sales acceleration • Mass use of “buy now's” • Multiple credit Fraud Indicators • Sales acceleration • Mass use of “buy now's” • Multiple credit cards per member • Multiple memberships per credit card • Many auctions for new member • Multiple high risk items (laptops/PS 2/Mobile phones) • New Members selling vehicles • Members asking to many questions on classifieds • Members offering to sell to many car parts • And on and on

General Complaints screen General Complaints screen

Quarantine Auctions/membership Quarantine Auctions/membership

Government Liaison Government Liaison

July Govt. contacts Police 76 Med Safe 3 WINZ 1 IRD 25 ECCA 1 July Govt. contacts Police 76 Med Safe 3 WINZ 1 IRD 25 ECCA 1 Land Transport New Zealand 1 Commerce Commission 1 MAF 2 Military Police 1 NZ Food Safety Authority 1 Civil Aviation Authority 1 Ministry for Culture and Heritage 3 Courts Govt Total in Last Month 41 (26) 98

Police Liaison (80% of Contact) • Counterfeit and pirated goods • Selling stolen goods Police Liaison (80% of Contact) • Counterfeit and pirated goods • Selling stolen goods • Receiving • Identity theft • Credit card fraud • Money laundering • False pretences • Obtaining by deception • Buying items for offences against M. O. D. A, (clan lab equipment) • Accessing computer systems • Using computer for dishonest purposes

Snapshot of July Liaison Police • Woman threatening to kill herself and children. • Snapshot of July Liaison Police • Woman threatening to kill herself and children. • Homicide in Auckland. (login activity). • Sale of home made pepper spray. • Child Pornography

July Liaison – Other • Sale of Speleotherms – (WEG) • Bio security – July Liaison – Other • Sale of Speleotherms – (WEG) • Bio security – stock movement – (AHB) • Sale of Medicines/devices – (Med Safe) • Introduction of new organism – (MAF) • Lasers for plane spotting - (CAA) • Home kill meat – (NZFSA) • Unsafe dirt bikes – (MCA) • Sale of wild animals – (DOC)

Information Release • Privacy Act Principle 11 e • Specific • Protection, prevention, investigation Information Release • Privacy Act Principle 11 e • Specific • Protection, prevention, investigation prosecution/enforcement of the law

Current Fraud/Compliance Issues Current Fraud/Compliance Issues

Offshore Scammers Phishing Offshore Scammers Phishing

Innocent Seller Sneaky Phishers 1. Scammer makes purchase and obtains acc no. 3. Scammer Innocent Seller Sneaky Phishers 1. Scammer makes purchase and obtains acc no. 3. Scammer contacts seller advises $ in wrong acc. Please refund. Scammer 2. Scammer sells non existent item, buyer puts money into legit account Innocent Buyer

Car Scammers Stage One - Present Good Ad Car Scammers Stage One - Present Good Ad

Stage Two - Build Rapport Stage Two - Build Rapport

Stage Three – Send false payment details Stage Three – Send false payment details

Stage Four – Reel them in Result: Victim all the while aware he should Stage Four – Reel them in Result: Victim all the while aware he should not be passing money via anon payment method, pays 3 x $7000 prior to seeing any proof the car existed. Result: T. M , new daily alert for new members listing a vehicle.

Money Laundering 1. Victim advertises for flat mate 2. Reply from South Africa 3. Money Laundering 1. Victim advertises for flat mate 2. Reply from South Africa 3. 3 month tenancy agreed to be paid in advance 4. Travelers cheque arrived and cashed 5. Victim advised that to much money sent by mistake and refund can be sent by money gram 6. Bank advises cheque is counterfeit

Phishing Inroads Members Banned Those with Auctions Removed % Of Auctions April 571 141 Phishing Inroads Members Banned Those with Auctions Removed % Of Auctions April 571 141 307 0. 0071 May 596 143 377 0. 0092 June 422 116 329 0. 0077 July 456 68 164 0. 0036 August 254 17 32 0. 0007

What’s having the effect? • 24 Hour Policing • Direct contact with hosting sites What’s having the effect? • 24 Hour Policing • Direct contact with hosting sites • Agency Interaction and information sharing • Continued education • Direct Contact with affected members • Collation and alerts of offending I. P’s • I. S. P blocking of I. P’s

NZ Based Offenders & Scammers NZ Based Offenders & Scammers

GOING THE EXTRA MILE • Offence Reports • Summary of Facts • Affidavits • GOING THE EXTRA MILE • Offence Reports • Summary of Facts • Affidavits • Evidence preparation • Depositions • Court Presentation

Detection/Identification Unique Identifiers Financial Info Investigation PC identifiers Feedback/ Questions GEO IP Information Investigations Detection/Identification Unique Identifiers Financial Info Investigation PC identifiers Feedback/ Questions GEO IP Information Investigations Staff Quarantine Police Prosecution Removal

Offender Identification Level One Between memberships (Links) Level Two From memberships to offender in Offender Identification Level One Between memberships (Links) Level Two From memberships to offender in dock (Banks, Computers, buyers)

Current Prosecution Geoff Selby • April – May 07 Set up four false memberships Current Prosecution Geoff Selby • April – May 07 Set up four false memberships • Sale of engines/gear boxes • Encouraged victims outside of auction process • Contact via wanted advertisements • Ten victims - $16, 000 • Two bank accounts • File prepared • Selby Chased all over country

Wanted Advertisements v Auctions Captive Audience Wanted Advertisements v Auctions Captive Audience

Result Geoffrey Selby arrested Appeared in Court 13 August New Alert in toolbox (Any Result Geoffrey Selby arrested Appeared in Court 13 August New Alert in toolbox (Any member posting more than two classified messages within 24 hours. )

Bank Video Richard Cullum -Convicted August 2007 Bank Video Richard Cullum -Convicted August 2007

LEGISLATION Deception Section 240 (1) (a) – Obtains by Deception Every one is guilty LEGISLATION Deception Section 240 (1) (a) – Obtains by Deception Every one is guilty of obtaining by deception or causing loss by deception who, by any deception and without claim of right obtains ownership or possession of, or control over, any property, or any privilege, service, pecuniary advantage, benefit, or valuable consideration, directly or indirectly Penalty 7 yrs – 1 yr - Over $1000 Over $500 3 months - Under $500

LEGISLATION Computer Related Offences Crimes Act section 249 (1) Directly or indirectly, dishonestly accesses LEGISLATION Computer Related Offences Crimes Act section 249 (1) Directly or indirectly, dishonestly accesses computer system obtains property or causes loss 7 Yrs Crimes Act section 249 (2) Directly or indirectly, dishonestly accesses computer system with intent to obtain property or cause loss 5 Yrs

Judiciary taking notice Christopher Cullum Police Accesses a Computer X 14 Non existent Laptops Judiciary taking notice Christopher Cullum Police Accesses a Computer X 14 Non existent Laptops $14, 000 12 Months Imprisonment Full reparation No Home Dtn Bianca Judge Police Accesses a Computer x 2 < $1000 (Long history) 10 Months imprisonment Anthony Sutton Police Obtains by Deception x 3 $1720. 00 180 hrs Community Service Full Reparation Aaron Mc. Donald Police Obtains by Deception x 3 >$3000 6 Months Imp. Leave for Home ‘D’ after 2 months Mark Wright Police Receiving, Poss. class ‘A’, Theft, Obtaining by Deception, Importing class ‘C’. 2 yrs 8 months

Mark Hayes Empty Avondale House 1. Hacker steals trader’s identity – likely via trojan Mark Hayes Empty Avondale House 1. Hacker steals trader’s identity – likely via trojan or key stroke logger. 2. Hacker buys item via hijacked identity. 3. Hacker accesses hi-jacked bank account. 5 Trader Seller 6 4. Hacker pays seller & they ship goods. 5. Address is empty Avondale house. 6. Hacker picks up goods. 7. Hacked bank customer contacts bank. 2 1 The Bank 4 3 Hacker 7 Internet Banking Customer

Convicted Penalty: 2 yrs 11 Months Estimated three times that had charges been laid Convicted Penalty: 2 yrs 11 Months Estimated three times that had charges been laid for non computer specific offences. Appealed Dismissed

Appeal on Sentence Dismissed (Nov 06) Para 76 - Factors to take into account Appeal on Sentence Dismissed (Nov 06) Para 76 - Factors to take into account when sentencing for these matters: 1. 2. 3. 4. 5. 6. 7. Loss to business enterprise Financial/emotional harm Costs incurred relating to security and risk management Loss of confidence in business enterprise Loss of confidence in computer systems generally Effect of undermining use of computers in commerce Possibility of harm continuing after apprehension (e. g. - Virus)

Simpson Grierson’s commentary/review “There is a public interest in providing strong sanctions against behavior Simpson Grierson’s commentary/review “There is a public interest in providing strong sanctions against behavior which could inhibit or undermine the use of electronic communication devices both generally and, more specifically, in commerce”

QUESTIONS QUESTIONS