Forensic Readiness - trap building.
In preparation for the largest Openair Festival (Music) in Switzerland we got int of fraud in preparation for the fully cashless event. The cashless function is integrated in the event app and runs over QR and NFC.
We have already been in touch with both Google Play and the iOS App Store to monitor both apps. But I expect the fraud either over phishing emails for credentials or over Cydia/jailbroken devices. The critical timeframe is July 5-7th (http//
So we prep for Forensics Readiness. Traps are the new black from my boss.
We question ourselves: how can we detect the very earliest beginning of these fraud activities as fast as possible? 50k daily visitors (2017) are worth preparing early for.
Three timeframes to split
1) PreEvent - ticket sale and cash preloading
2) WhiEvent - show time
3) PosEvent - payback by IBAN
This issue is sensitive, you know my slogan (do you?). Discussing here on FF may have two effects. To let the adversaries know that we are in place, to change their TTPs or to do something unknown.
It's May 22nd, time till June (PreEvent cash preloading starts).
Who in LEO globally had a similar project on the table? Please talk to me. Thank you very much!