Investigators can trace online banking fraud by studying what cyber criminals are likely to do
During an online banking fraud investigation, you’ll need to use all of the tools at your disposal to get to the bottom of what really happened.
As you can imagine, following cyber criminals in their footsteps and tracking them down will require extensive knowledge of the different types of online banking fraud we’ve covered above as well as advanced cyber security concepts.
The tricks of the trade
For starters, hackers and cybercriminals often spoof their IP to avoid detection and avoid the consequences of having their real-life identities revealed.
Since outright cracking a password by using brute forcing can be quite challenging, they often resort to more stealthy means such as infecting the victim’s computer with malware or using social engineering techniques in conjunction with phishing to trick them into handing over the password voluntarily.
Getting past the defenses
Note that obtaining the password is often not enough. In case the victim also has a second layer of protection in place such as 2-factor authentication, the hacker also needs to bypass that before having the ability to seize control of their online bank account.
If this is the case, they will need to get a hold of one of the following (whichever applies):
- The victim’s email account
- The victim’s smartphone or SIM
- The victim’s biometric scans
As you can imagine, this is extremely difficult, even more so than cracking the password.
In practice, the most efficient method of bypassing the secondary layer of protection is for the hacker to either steal or copy the target’s SIM card or somehow convince the telecommunications company to re-issue it and send it to the hacker’s address.
If this methodology was indeed used, it might be worth it to follow the trail and investigate who called the telecommunications company.
Start with where the clues are the most likely to be hidden
In truth, a law enforcement agency may have absolutely no clue to start with.
To make matters worse, the appointed investigators may sometimes lack the technical knowledge necessary to progress with the investigation.
Therefore, a good way to proceed is to place yourself in the hacker’s shoes and ask yourself where they’ve most likely left a trace.
So what to do when you have no clue how to proceed? Start with where the clues are the most likely to be hidden.
If you know that the hacker connected to the victim’s online bank account, you can get a court order for the administrators to reveal the hacker’s IP address (you may need to analyze the server logs yourself).
Then, you can use IP lookup services to pinpoint the geographical location of the IP. Bear in mind that any decent hacker knows how to spoof their IP by using a VPN or other IP masking solutions, so this might also lead you to a dead end.
The phone number
The next thing to try is attempting to trace the hacker’s phone number if you know the hacker used some kind of social engineering techniques to obtain the victim’s SIM card.
Get a court order and the telecommunications company will be obliged by law to hand over the details regarding who called them and what they requested, along with direct recordings of the conversation.
Then, it’s only a matter of connecting the dots and seeing if you can connect the caller’s number to their real-world identity. Once again, if the hacker used a payphone, this may be another dead end. But it’s worth a shot.
The ATM CCTV footage
If all else fails, know that you can sometimes catch criminals when they try to withdraw stolen money through an ATM.
To do so, you can monitor the suspect’s bank account and its corresponding withdrawal history. Then, once you’ve noticed that someone has used an ATM machine to withdraw the money in cash, track down where exactly the ATM is located and get access to CCTV footage (most of them have cameras built-in).
Once again, the suspect may try to wear sunglasses, a hood, or even a mask to conceal their face, but if not, you can use facial recognition technology to uncover their true identity and apprehend them.