{"id":8860,"date":"2020-10-01T18:30:54","date_gmt":"2020-10-01T15:30:54","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=8860"},"modified":"2020-10-01T18:30:54","modified_gmt":"2020-10-01T15:30:54","slug":"money-laundering-schemes","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/money-laundering-schemes\/8860\/","title":{"rendered":"Siber su\u00e7lular bankalardan \u00e7ald\u0131klar\u0131 paray\u0131 nas\u0131l akl\u0131yor?"},"content":{"rendered":"<p>Bankalara ve di\u011fer finans kurumlar\u0131n\u0131 hedef alarak ger\u00e7ekle\u015ftirilen sald\u0131r\u0131lar baz\u0131 siber su\u00e7 gruplar\u0131 i\u00e7in bir montaj hatt\u0131 gibidir. Bir\u00e7ok ki\u015fi \u00e7al\u0131nan paran\u0131n izini s\u00fcrmenin genellikle imkans\u0131z oldu\u011funu bilir, ancak nedenini kimse bilmez. BAE Systems ve SWIFT \u00f6deme sistemi ara\u015ft\u0131rmac\u0131lar\u0131 taraf\u0131ndan haz\u0131rlanan ortak bir <a href=\"https:\/\/www.swift.com\/sites\/default\/files\/files\/swift_bae_report_Follow-The%20Money.pdf\" target=\"_blank\" rel=\"noopener nofollow\">rapor<\/a>, siber su\u00e7lular\u0131n \u00e7ald\u0131klar\u0131 paray\u0131 nas\u0131l aklad\u0131klar\u0131n\u0131 ayr\u0131nt\u0131lar\u0131yla anlat\u0131yor.<\/p>\n<h2>Paran\u0131n kayna\u011f\u0131 ve hedefi<\/h2>\n<p>Bankalara y\u00f6nelik sald\u0131r\u0131larda iki senaryo vard\u0131r \u2014 altyap\u0131 ve hesaplara yap\u0131lanlar veya ATM\u2019lere ve ilgili sistemlere kar\u015f\u0131 yap\u0131lanlar. Paran\u0131n sistemden \u00e7\u0131kar\u0131lma ve sonras\u0131ndaki aklama yollar\u0131 birbirinden biraz farkl\u0131d\u0131r, ancak \u00f6z\u00fc ve amac\u0131 ayn\u0131d\u0131r: Su\u00e7tan elde edilen paray\u0131 yasal olarak finansal sisteme geri sokmak.<\/p>\n<p>Kara para aklama s\u00fcreci genellikle \u00fc\u00e7 a\u015famadan olu\u015fur:<\/p>\n<ul>\n<li>Yerle\u015ftirme: Kurban\u0131n hesab\u0131ndan, doland\u0131r\u0131c\u0131lar\u0131n hesaplar\u0131na yap\u0131lan ilk para aktar\u0131m\u0131 veya \u00e7al\u0131nan nakdin hesaba yat\u0131r\u0131lmas\u0131;<\/li>\n<li>Ayr\u0131\u015ft\u0131rma: Paran\u0131n kayna\u011f\u0131n\u0131 ve as\u0131l sahiplerini gizlemek i\u00e7in tasarlanm\u0131\u015f bir dizi i\u015flem;<\/li>\n<li>B\u00fct\u00fcnle\u015ftirme: Aklanan paran\u0131n yasal veya yasad\u0131\u015f\u0131 i\u015flerde kullan\u0131lmas\u0131.<\/li>\n<\/ul>\n<p>Son a\u015fama \u2014 Aklanan paran\u0131n tekrar ekonomiye sokulmas\u0131 \u2014 bu ayr\u0131 bir yaz\u0131n\u0131n konusu olabilir, bu y\u00fczden burada ayr\u0131nt\u0131l\u0131 olarak ele almayaca\u011f\u0131z. Bununla birlikte ba\u015far\u0131l\u0131 bir sald\u0131r\u0131, paralar\u0131n \u00e7al\u0131nmas\u0131 ve yasalla\u015ft\u0131rma mekanizmalar\u0131n\u0131n kullan\u0131lmas\u0131n\u0131n \u00e7ok \u00f6ncesinde, dikkatli bir planlama yap\u0131lmas\u0131n\u0131 gerektirir. Bu ek bir a\u015famad\u0131r: Haz\u0131rl\u0131k.<\/p>\n<h2>Haz\u0131rl\u0131k<\/h2>\n<p>Siber su\u00e7lular, \u00e7al\u0131nan paralar\u0131 h\u0131zl\u0131ca hareket ettirebilmek i\u00e7in genellikle bireylere veya t\u00fczel ki\u015filere ait bir\u00e7ok hesap a\u00e7ar. Bu hesaplar, \u015f\u00fcphe \u00e7ekmeyen kurbanlara ait hacklenmi\u015f, doland\u0131r\u0131c\u0131l\u0131k operasyonuna kat\u0131lm\u0131\u015f ki\u015filere veya g\u00f6n\u00fcll\u00fclere ait hesaplar olabilir.<\/p>\n<p>\u0130kincisi ise genel olarak, basit tabirle, kurye olarak bilinir. Baz\u0131 sahte veya \u00e7al\u0131nt\u0131 belgelerle hesap a\u00e7mak i\u00e7in kurye kullan\u0131l\u0131r (Bankan\u0131n i\u00e7inden bilgi almay\u0131 gerektiren karma\u015f\u0131k bir g\u00f6revdir). \u0130stihdam b\u00fcrolar\u0131, taraflar\u0131 \u201cfon yat\u0131r\u0131mlar\u0131n\u0131 kolayla\u015ft\u0131rmak\u201d veya benzer belirsizlikteki i\u015f tan\u0131mlar\u0131yla bir araya getirebilir. \u00c7o\u011fu durumda kuryeler, yapt\u0131klar\u0131n\u0131n yasal olmad\u0131\u011f\u0131n\u0131 \u00e7ok iyi bilirler ancak yap\u0131lan \u00f6deme sebebiyle bunu g\u00f6rmezden gelirler. Ancak \u00e7o\u011fu zaman \u201csu\u00e7 ortaklar\u0131\u201d da aldat\u0131l\u0131r.<\/p>\n<h2>Yerle\u015ftirme<\/h2>\n<p>Siber su\u00e7lular \u00e7al\u0131nan paray\u0131 bir hesaba (k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m, sosyal m\u00fchendislik veya i\u00e7eriden bir ki\u015fiyi kullanarak) aktard\u0131ktan sonra kuryeler devreye girer:<\/p>\n<ul>\n<li>Potansiyel takip\u00e7ileri paran\u0131n kokusundan uzak tutmak i\u00e7in paray\u0131 ba\u015fka hesaplara aktarabilirler;<\/li>\n<li>Kendi ya da bir ba\u015fkas\u0131n\u0131n adresine \u00fcr\u00fcn sipari\u015f edebilirler;<\/li>\n<li>Paray\u0131 ATM\u2019lerden \u00e7ekebilirler.<\/li>\n<\/ul>\n<p>Bir \u015feyden habersiz kuryeleri cezbetmenin yolu onlar\u0131, yurtd\u0131\u015f\u0131na sat\u0131\u015f yapmayan ma\u011fazalardan \u00fcr\u00fcn sat\u0131n almak isteyen yabanc\u0131lara yard\u0131mc\u0131 olan ve uluslararas\u0131 kargoyla paket al\u0131p g\u00f6nderen bir \u015firkette \u00e7al\u0131\u015fmak \u00fczere i\u015fe almakt\u0131r. Bu t\u00fcr bir \u00e7al\u0131\u015fma, yerel polis kap\u0131y\u0131 \u00e7alana kadar bir veya iki ay s\u00fcrer.<\/p>\n<h2>Ayr\u0131\u015ft\u0131rma<\/h2>\n<p>Halkadaki su\u00e7 ortaklar\u0131 mallar\u0131 veya paray\u0131 ald\u0131klar\u0131nda, ganimeti yasalla\u015ft\u0131rmak i\u00e7in k\u00f6kl\u00fc su\u00e7 uygulamalar\u0131n\u0131 kullan\u0131rlar. \u00d6rne\u011fin para, konvertibilitesi y\u00fcksek bir para birimine (genellikle dolar) \u00e7evrilir; mallar ise (genellikle elektronik \u00fcr\u00fcnler) do\u011frudan al\u0131c\u0131lara veya ikinci el ma\u011fazalara sat\u0131l\u0131r. Elbette, d\u00f6viz b\u00fcrolar\u0131 ve \u00fcr\u00fcnleri sat\u0131n alan ma\u011fazalar\u0131n yasa d\u0131\u015f\u0131 i\u015flemleri tespit etmek i\u00e7in gerekli mekanizmalara sahip olmas\u0131 gerekir, ancak ya ihmal ya da i\u00e7eriden biri sayesinde bunlar\u0131n atlat\u0131lmas\u0131 m\u00fcmk\u00fcn olur. Ard\u0131ndan \u00fc\u00e7\u00fcnc\u00fc bir taraf, paray\u0131 plan\u0131n organizat\u00f6rlerine aktar\u0131r.<\/p>\n<p>Kuryeler yakalanabilir ve paylar\u0131na el konulabilir, ancak i\u015flemlerin b\u00fcy\u00fck bir k\u0131sm\u0131 \u2014 ve plan sahibi \u2014 bulunamazl\u0131\u011f\u0131n\u0131 s\u00fcrd\u00fcr\u00fcr.<\/p>\n<p>Daha sonra doland\u0131r\u0131c\u0131lar, paray\u0131 aklamak i\u00e7in m\u00fccevher veya metal sat\u0131n almak (bu i\u015fletmeler genellikle hala nakit i\u015flem yapmay\u0131 tercih ederler) veya bir kumarhanede fi\u015f al\u0131p satmak gibi \u201cklasik\u201d su\u00e7 y\u00f6ntemlerini kullan\u0131rlar.<\/p>\n<p>Para, yap\u0131lan transferler sonras\u0131nda nakde d\u00f6n\u00fc\u015ft\u00fcr\u00fclmediyse, s\u00fcrece k\u00fcresel olarak faaliyet g\u00f6steren paravan \u015firketler dahil olur. Bu t\u00fcr i\u015fletmeler genellikle finansal i\u015flemler \u00fczerinde s\u0131k\u0131 kontrole sahip olmayan veya para aktar\u0131mlar\u0131n\u0131n gizlili\u011finin kat\u0131 yasalarla korundu\u011fu \u00fclkelerde bulunur. Paran\u0131n b\u00f6l\u00fcnmesini ve farkl\u0131 para birimlerine d\u00f6n\u00fc\u015ft\u00fcr\u00fclmesini i\u00e7eren birka\u00e7 aktar\u0131m, paran\u0131n kayna\u011f\u0131n\u0131 belirsizle\u015ftirir. Bu \u015firketler yaln\u0131zca paravan \u015firketler de\u011fil, i\u015fleri k\u0131smen yasal olan kurulu\u015flard\u0131r.<\/p>\n<p>Yak\u0131n ge\u00e7mi\u015fte kripto para birimleri de kara para aklama ara\u00e7lar\u0131 listesine kat\u0131ld\u0131. Kullan\u0131c\u0131lar\u0131n i\u015flemleri ger\u00e7ekle\u015ftirmek i\u00e7in ki\u015fisel bilgilerini payla\u015fmas\u0131na gerek olmamas\u0131 siber su\u00e7lular\u0131 cezbetti. Bununla birlikte, para aklamak i\u00e7in kripto para kullanmak \u00e7ok da ideal bir y\u00f6ntem de\u011fildir: Kullan\u0131c\u0131n\u0131n anonimli\u011fi blok zinciri \u015feffafl\u0131\u011f\u0131n\u0131 beraberinde getirdi\u011finden, paran\u0131n \u00e7ekilmesi \u00e7ok fazla i\u015flem gerektirir. \u00d6rne\u011fin 2018\u2019de Lazarus grubu, bir kripto para borsas\u0131n\u0131 hackledikten sonra 30 milyon dolar \u00e7ald\u0131, ard\u0131ndan d\u00f6rt g\u00fcn i\u00e7inde farkl\u0131 c\u00fczdanlar aras\u0131nda 68 aktar\u0131m ger\u00e7ekle\u015ftirdi.<\/p>\n<h2>Uygulanabilir \u00e7\u0131kar\u0131mlar<\/h2>\n<p>G\u00f6rd\u00fc\u011f\u00fcn\u00fcz gibi, siber su\u00e7lular hesaplar\u0131, \u015firketleri, yasal yap\u0131lar\u0131, para birimlerini ve yarg\u0131 yetkilerini kontrol alt\u0131na ald\u0131klar\u0131 karma\u015f\u0131k, \u00e7ok a\u015famal\u0131 kara para aklama yollar\u0131 olu\u015fturdular \u2014 bunlar\u0131n hepsi birka\u00e7 g\u00fcn i\u00e7inde ger\u00e7ekle\u015ftirildi, baz\u0131 \u015firketler hacklendiklerinin bile fark\u0131nda de\u011fildi.<\/p>\n<p>Bu nedenle mant\u0131kl\u0131 olan, bankalar\u0131n bu durumu kendi sorumluklar\u0131na almalar\u0131 ve finansal sistemlerin hacklenme ve ele ge\u00e7irilme olas\u0131l\u0131\u011f\u0131n\u0131 en aza indiren siber g\u00fcvenlik altyap\u0131lar\u0131 olu\u015fturmalar\u0131d\u0131r. Bankalar ve di\u011fer finans kurumlar\u0131 i\u00e7in \u00f6zel olarak tasarlanm\u0131\u015f bir platform sunuyoruz: Kaspersky Fraud Prevention. Yaln\u0131zca kullan\u0131c\u0131 davran\u0131\u015f analizi ve finansal i\u015flem takibi sa\u011flamakla kalm\u0131yor, ayn\u0131 zamanda kullan\u0131c\u0131lar\u0131n kurumlar\u0131 arac\u0131l\u0131\u011f\u0131yla \u00e7al\u0131nan paray\u0131 aklama giri\u015fimlerini de izliyor. <a href=\"https:\/\/www.kaspersky.com.tr\/enterprise-security\/fraud-prevention?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">\u00c7\u00f6z\u00fcm hakk\u0131nda daha fazla bilgiyi kendi sitesinde bulabilirsiniz<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>H\u0131rs\u0131zlar \u00e7ald\u0131klar\u0131 paran\u0131n keyfini s\u00fcrmeden \u00f6nce, siber su\u00e7tan elde edilen paray\u0131 birka\u00e7 i\u015flemden ge\u00e7irmeleri gerekir. S\u00fcre\u00e7teki karma\u015f\u0131k ad\u0131mlar\u0131 anlataca\u011f\u0131z.<\/p>\n","protected":false},"author":2581,"featured_media":8861,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194],"tags":[2280,978,612,781,2281],"class_list":{"0":"post-8860","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"tag-aklama","10":"tag-bankalar","11":"tag-dolandiricilik","12":"tag-finans","13":"tag-kuryeler"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/money-laundering-schemes\/8860\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/money-laundering-schemes\/21942\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/money-laundering-schemes\/17417\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/money-laundering-schemes\/8612\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/money-laundering-schemes\/23366\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/money-laundering-schemes\/21564\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/money-laundering-schemes\/20177\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/money-laundering-schemes\/23962\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/money-laundering-schemes\/22926\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/money-laundering-schemes\/29171\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/money-laundering-schemes\/37175\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/money-laundering-schemes\/15733\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/money-laundering-schemes\/16129\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/money-laundering-schemes\/14003\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/money-laundering-schemes\/25255\/"},{"hreflang":"zh","url":"https:\/\/www.kaspersky.com.cn\/blog\/money-laundering-schemes\/12018\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/money-laundering-schemes\/26143\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/money-laundering-schemes\/22945\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/money-laundering-schemes\/28230\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/money-laundering-schemes\/28064\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/bankalar\/","name":"bankalar"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8860","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2581"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=8860"}],"version-history":[{"count":5,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8860\/revisions"}],"predecessor-version":[{"id":8877,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8860\/revisions\/8877"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/8861"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=8860"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=8860"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=8860"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}