Financial frauds have increased in tandem with the increased number of online transactions. Detecting fraud in any sector is critical for keeping customers' money safe as well as reducing financial losses and keeping the company profitable. This short article outlines the nature and extent of the problem, and the various investigative tools and methodologies used by Intelaw to address the issues. 

Most organisations' fraud control and risk control  units focus primarily on data analysis and artificial intelligence. AI models assist in rejecting transactions outright or flagging them for further investigation, as well as detecting potential fraud by detecting anomalies or deviations from "normal" behaviour or patterns. 

Still, we see growing fraud trends in each year, especially with the increase in internet fraud we've seen each year, to the point the organisation are registering complaints about these incidents with law enforcement and more focusing on registering such complaints as compliance matters and focusing on fraud awareness sessions. When we look at fraud incidents and hear customer stories, we can see that the majority of them are in the hands of fraudsters due to information leakage within the organisation. Yes, we agree that customers are not supposed to share personal information, and organisations will not request personal information from customers. However, how do fraudsters know what services they used on the same day and what loans they have registered for?

On a global scale, the Association of Certified Fraud Examiners estimates that organisations lose 5% of their annual revenues to fraud. On an annual basis, this amounts to nearly $5 trillion lost to fraud.

Insider fraud could account for up to 40% of these losses, amounting to a $2 trillion annual loss. Insider fraud incidents are especially damaging to organisations, with the average cost reaching $412,000.

 

*Source: PwC’s Global Economic crime and Fraud survey 2022

 

*Source: PwC’s Global Economic crime and Fraud survey 2022

 

Internet and Card frauds  of the year 2021-22 

	2019-20		2020-21		2021-22
Area of Operation	Number of Frauds	Amount Involved	Number of Frauds	Amount Involved	Number of Frauds	Amount Involved
Card/Internet	2677	129	2545	119	3596	155

*Source: Annual Report of RBI 2021-22 Amount in Cr

 

 

Economic Crimes, Crime  Head wise 

Criminal Breach of Trust (Sec.406 to 409 IPC)	Counterfeiting (Secs.231-243, 255 & 489A to 489E IPC)	Forgery, Cheating & Fraud (Secs.420, 465, 468, 471, 231-243, 255 and 489A to 489E IPC)	Total Economic Offences
17358	672	127724	145754

*Source: National Crime Records Bureau.Report:2020, Amount in Cr

 

Professional investigators and forensic experts use the following end to end fraud prevention services to encompass the entire business cycles to ensure that no potential weakness is overlooked:

1. Integrity investigations of the employees and vendors

2. Due Diligence services 

3. Digital Forensics

4. Data Analytics 

5. Cyber Security services

Intelaw has advanced tools and forensic investigators to conduct the cyber forensic investigations. 

1. Network Forensics: We have advanced tools like tcpdump, wireshark, network miner, splunk, snort etc that monitor the environment if there is anomalous traffic, perform forensic analysis and get a clear picture of their environment. We detect suspicious activity in the network and some unwanted transactions of data or confidential information.

2. IP address tracing: We have advanced tools like Solarwinds IP Address Tracker, GestioIP , advanced IP Scanner, Angry IP Scanner  and other tools to find out where the data packets are going. Intelaw will analyse and trace the IP address and tell the details of each device connected to your computer. The exact IP address will also tell the approximate longitude and latitude or ISP.

3. Email Header Analysis: Intelaw will analyse any email header to trace out the IP Address & location of the sender in cases of malicious messages, such as in phishing attacks. This tool works for an email header extracted from any client site such as Gmail, Yahoo or Outlook. 

4. Malware: Intelaw understands that hacking is one of the easiest ways to do unethical activity and thus, we have a team that not only deducts the malware present in the computer but also the type of malware and how it ended up at this location. Intelaw also took essential steps to remove the malware from system, network or from other spread. 

5. Footprinting and Reconnaissance: Intelaw uses open source software as well as commercial softwares for the information gathering process. It would be the first step taken prior to any type of cases. It will be useful as a blueprint to understand the security and potential vulnerabilities with regard to the given cases.

6. Configuring important security for prevention of data theft: Intelaw covers all the three ways to provide high internal security which includes deterrence, detection and post breach forensics. Some of the tools are : Active Directory, Endpoint protection system, Intrusion prevention system, Intrusion detection system, Web filtering solution, Traffic monitoring software, Spam filter, Privileged access management system, Encryption software, Password management policy and system with at least two-factor authentication, Call manager, Data loss prevention system, Enable mailbox journaling on your Exchange Server, preferably with e-discovery software installed.

 

Disclaimer : All the tools used by Intelaw Consulting Pvt Ltd are ethical and contain a proper licence number (in case of commercial tools). Most of the tools are recognized by the Government of India and other governing bodies of different countries as a reliable source and admissible in court of law. Both commercial and open source tools are used for Forensic and Ethical/White Hat Hacking purposes by the consent of the “client”. Tools and software installed would be verified and completely secure in nature.