经济学人369:黑客归来 银行业者为抓坏蛋化身卧底(在线收听

  Banks and fraud
银行与骗子
Hacking back
黑客归来
Bankers go undercover to catch bad guys
银行业者为抓坏蛋化身卧底
Funny, you don't look like a banker
搞笑,你看起来并不像银行业者
FIVE years ago MI5,Britain's security service, sent a document to British firms, giving warning that Chinese spies could be seeking to “exploit vulnerabilities such as sexual relationships” among Western businesspeople. Moneymen are obvious targets for honey traps, but they can set them too—as they are increasingly doing to catch cyber-fraudsters.
5年前,英国的安全部门军情五处向英国的公司发送了一个预警文件:中国间谍可能正寻找西方商人可利用的弱点,如性关系。显而易见,美人计是冲着经融家来的,但银行家们也可以使用反间计,正如他们为了抓住网络间谍所做的那样。
银行与骗子.jpg
A midsized American bank has taken a leaf out of Ian Fleming's book with a project, known internally as “Honey Banker”, to smoke out fraudulent payments. It has created a coterie of non-existent bankers, with fake e-mail addresses and biographies, whose details appear on bogus web pages not linked to the rest of the bank's website. If a transfer request comes in to one of these aliases, it is likely to be from a fraudster. The bank blocks the sender's internet address, pending further investigation.
美国一家中型银行仿照Ian Fleming书中的一个计划,行内称为“蜂蜜银行家”,类似为取蜂蜜而用烟将蜜蜂熏赶出蜂巢那样查出欺诈性付款。这一计划创造了一个不存在的银行家的小群体,他们使用虚假的邮箱地址和生平事迹,他们的详细资料刊登在虚假的网页上,且这些网页没有链接到其他的银行网站。如果有人将转会申请提交给其中一个化名银行家,他就有可能是个骗子。银行就会封锁申请者的网络地址,以等待进一步调查。
Though not yet widespread, this sort of counter-intelligence tactic is becoming more common as banks look for creative ways to ensnare the online scammers, says Aaron Glover, a fraud expert at SunTrust, another American bank. Some banks have hired professional spies, as HSBC did when it employed a former head of MI5.
就职于另一家美国银行SunTrust的防骗专家Aaron Glover说,这种反间谍策略尽管还未被广泛使用,但随着银行寻找创造性的方法来诱捕网络骗子,这种策略正变得越来越普遍。正如汇丰银行以前聘请军情五处的前负责人那样,一些银行已经聘请了专业的间谍。
The amount a fraudster can steal depends on the number of “mule” accounts—set up by paid or cajoled accomplices—that he has to divert funds into. This number is constrained by account-opening restrictions, including requirements that accounts have to be opened in person. East European crime rings will pay mules to fly toAmerica, where they can set up accounts as non-resident aliens. Other fraudsters will persuade gullible Americans to open accounts in their own name and hand over the details, after convincing them that they have been picked as “secret shoppers” to rate bank service. Even so, “scammers have a finite supply of mule accounts,” says Mr Glover. “The more of them that can be identified and shut off using undercover operations, the less room [criminals] have to operate.”
诈骗者能够窃取的数量取决于洗钱账户的数目,这些账户由收买的或诱骗的共犯开设的,而诈骗者必定会将资金转入这些账户。账户数目受到开户条件的限制,包括必须由本人人亲自去开户。东欧的犯罪团伙花钱雇佣洗钱者飞往美国,并使用偷来的身份证以非定居的外国人身份开设账户。其他诈骗者将劝说易被骗的美国人去以他们自己的名义开户,在说服他们之后,他们就被选为用来评价银行服务的“神秘顾客”。 Glover先生说,“即使如此,诈骗者拥有限量供应的洗钱账户。卧底行动若能辨识并关闭越多的洗钱账户,那么诈骗者所能运作的犯罪空间就越少。”
Banks are also using similar strategies to infiltrate the dark recesses of the internet in which criminals buy and sell stolen financial data. A fraud investigator at a large American bank says that since the massive theft of credit-card data last year from Target, a retailer, his bank has become a more active participant in “carder forums”, where card numbers are hawked for between $20 and $100 apiece, often in batches of 1m or more. Two recent sales were dubbed “Tortuga” and “Eagle Claw”.
银行也使用类似的策略渗透到互联网的黑暗角落,罪犯在这里购买和出售偷来的财务数据。一个美国大型银行的欺诈调查员说,自从去年从一个名为Target的零售商店那里发生大量盗用信用卡数据的事件后,他所在的银行变得更加活跃的参与 “持卡人论坛” ,在这里人们叫卖信用卡号从每个20美元到100美元不等,通常一次性交易一百万串卡号或更多。最近的两次交易代号为“龟岛”和“鹰爪”。
Some banks scour the forums in the hope of gathering intelligence on which of their cards have been compromised, so they can cancel them before they are sold on—as opposed to waiting for suspect transactions to appear on statements. A few banks are even believed to have bid in black-market bazaars to buy the details of cards they suspected they issued themselves, but could not identify for certain because details were concealed until purchase, in order to learn more about where and when data breaches occurred.
一些银行搜索着论坛,希望收集到关于他们的卡已经被盗用的情报,这样一来就可以在这些卡在黑市上交易之前注销它们,而不是一味的等待出现可疑交易的报告。有人认为,一些银行为了更多的了解数据泄露是何时何地发生的,甚至在黑市上竞购那些疑似本行发行的卡的详细信息,但他们不能完全确定,因为这些详细信息在竞购到手之前都是保密的,。
This subterfuge partly reflects the need to be more proactive in the face of rampant cyber-fraud. But there is a regulatory motive, too.America's Financial Crimes Enforcement Network, the arm of the Treasury tasked with fighting illicit finance, has been broadening its definition of money laundering, bankers say. This raises the prospect of large fines for inadequate anti-money-laundering controls for banks that aren't deemed to be doing enough to combat these scourges. Some bankers may feel they have as much to fear from the agencies that regulate them as from the criminals who infiltrate them.
这一策略一定程度上反映了更积极的面对猖獗的网络诈骗的必要性。但也有治理的目标。银行家说,财政部负责打击非法金融的武器,既美国金融犯罪调查合作局,已经放宽了洗钱的定义。这使得银行可能被认为在应对反洗钱控制方面做的不足而面临高额罚款。一些银行家可能会觉得,管理银行的机构与入侵银行的罪犯一样令人担忧。

  原文地址:http://www.tingroom.com/lesson/jjxrfyb/business/261710.html