23 May 2018
Uri Rivner

The Joy of Fraud Fighting

Uri Rivner - BioCatch

78Posts 372,416Views 36Comments
Innovation in Financial Services

Innovation in Financial Services

A discussion of trends in innovation management within financial institutions, and the key processes, technology and cultural shifts driving innovation.

ZeusiLeaks Archives File 004: Earnings Season

28 February 2011  |  5525 views  |  0

In this ahort ZeusiLeaks file I’ll talk about why it’s not a good idea if you’re a public company and your PR agency has Zeus infected machines during earning season…

Quick reminder:

WikiLeaks, the largest leak of data the world has seen? Nonsense! Trojans like Zeus and SpyEye lurk on millions of personal, corporate and government PCs, stealing data 24 by 7. Everything you do online – either private or work related – is sent to a mothership half across the globe. Welcome to the ZeusiLeaks Archives, and look here for previous files.


Helen McDuffie (don’t look her up, I masked the name) works for a big New York based PR agency. The agency provides public relations services to many of the NSYE traded customers. Lets be clear: this sort of PR agency is exposed to quarterly and annual financial reports weeks before they are submitted to Wall Street and become public knowledge, as they help the public companies deliver the right message in press releases and analyst briefings.

If this sort of data is leaked out before it becomes public knowledge, the SEC will be all over it. Inside information is like fixed matches in sport games: it breaks the rules of the game.

It’s earning season, and Helen is super busy. She needs to work on press releases with her peers in the corporate PR departments of NYSE’s largest companies. It’s no wonder that while logging into her gmail account she also had 3 other conversations.

Equally as busy is the Zeus Trojan on Helen’s machine… More specifically, the keylogger function that is capable of grabbing not just the immediate session Helen works on (the gmail login) but also all other parallel conversations, which are typically done in some sort of messenger program.

The three conversations are totally not related. Take this one: “he ignored the recall and sold it to you anyway, right? Sue him, go to people’s court!” – which seems like a sound advice. The bastard.

Then you have a more relevant piece: “Hi Jenn, Next week’s a bit busy for me? We’re heading into earnings season with our clients here”.

And there’s a Trojan on my machine.

Now comes my favourite part: “Below is an interesting blog post from NYSE regarding cyber security around earnings. As you may be aware, there have been several companies…” – the conversation is cut, but you have to admit it’s totally ironic :)

It's earnings season - watch your cyber security! TagsSecurity

Comments: (0)

Comment on this story (membership required)

Latest posts from Uri

Brazil vs. Germany: A Surprising Find

12 July 2014  |  3970 views  |  1 comments | recomends Recommends 0 TagsSecurityMobile & onlineGroupInnovation in Financial Services

Sweetheart Scams: When Fraudsters Turn to Romance

30 June 2014  |  3244 views  |  0 comments | recomends Recommends 0 TagsSecurityMobile & onlineGroupInnovation in Financial Services

BitCoin Explained: How to Become a BitCoin Thief - part 1

04 December 2013  |  22703 views  |  1 comments | recomends Recommends 1 TagsMobile & onlinePaymentsGroupInformation Security

A Message from Hell

01 October 2013  |  3888 views  |  0 comments | recomends Recommends 0 TagsSecurityMobile & onlineGroupInnovation in Financial Services

Uri's profile

job title Head of Cyber Strategy
location Tel Aviv
member since 2008
Summary profile See full profile »
Internet. The perfect fraud frontier. These are the thoughts of Uri Rivner, head of Cyber Strategy at BioCatch and formerly Head of new technologies, identity protection, at RSA, the security division...

Uri's expertise

Member since 2008
78 posts36 comments
What Uri reads

Who's commenting on Uri's posts