ASIC - AIJA

Download Report

Transcript ASIC - AIJA 

Electronic Enforcement
Keith Inman
October 2000
ASIC
Australian Securities & Investments Commission
ASIC & Cyberspace
 Entry barriers to crime have dropped
–
–
–
–
ASIC
easy to use
cheap
access to a very large consumer base
anonymous
Trend?
Old economy scams
+ New economy scams
=
ASIC
Significant increase in volume
E-Scams
– Illegal Investment schemes
• IPOs without prospectus
• Free Stock offers
• High Yield Schemes
• Exotic Schemes
– Market Manipulation (Pump & Dump)
– Unlicensed advice (Financial Gurus)
– Non-Disclosure of interests
– Hawking Trading software
• Exaggerated claims
ASIC
• Unlicensed advice
Spam Email
ASIC
Bulletin Board Postings
Independent Relay Servers
ASIC
Bulletin Board Postings
Spam Email
ISPs
IP 1
#1
ASIC
IP 2
#2
Suspect 2
Suspect 1
The Challenge?
 Trace the source
– Postings on BBs
– SPAM emails
 Understand the technology
– Content Providers
– ISPs
– Telecommunication Carriers
 Gather & present evidence
ASIC
The Challenge?
Dog years !!!
– 1 day = 1 month
ASIC
What is ASIC doing?
ASIC
Leverage Web technologies
 Internal Learning & Development
 Consumer Education
 “Self Help” Resources
 Detection
ASIC
Electronic Enforcement Unit
(EEU)
 Small, national team
“Centre of expertise”
 Dedicated resources
Legal
Investigative
Technical
ASIC
 National volunteer network of 60
staff
 Specialized web tracing/forensic
computing training
 Linked through an intranet site
ASIC
EEU Intranet
ASIC
ASIC Scam Site?
ASIC
ASIC Scam Site - results?
 11,000 visitors between April 1 and April 30
 1200 asked for more information
 233 wished to invest
 $4.02 million pledged to scam
ASIC
‘Self Help’ Resources
 On-line consumer advice
 Due diligence searches
– “Look left and right before you click..”
ASIC
Detection
 ASIC’s “Web Hound” Project
 Automatically
– identify “high risk” web sites
– assess & aggregate the risk
– analyze risk associated to mentioned
entities
– identify and refer high risk matters
ASIC
Public
Search Engines
Internet
Content Gathering
Query
Collect
Public
Data Collection
Risk
Assessment
Analyse
ASIC
Corporate
DBs
Report
Secure
AIR GAP
Sought after tools
 Use of equipment for search
warrants
– Mirror Imaging
 Retention of ISP records
 Monitoring by ISP
 Removal of internet material
 Removal if ISP services
 New offence for SPAMMING
ASIC
Electronic Enforcement
Keith Inman
October 2000
ASIC