The malware industry supplies all the components cybercriminals need to easily perpetrate malware-driven financial fraud and data theft. In today's virtual world, the scope of organizations vulnerable to malware-driven cybercrime is quite broad. In addition to banks and credit unions that are subject to online banking...
Financial institutions, commercial enterprises and government organizations are all prime targets for cybercrime. Malicious software, or malware, is the primary attack tool used by cybercriminals to execute account takeover attacks, steal credentials and personal information, and initiate fraudulent...
The most recent Federal Financial Institutions Examination Council (FFIEC) supplement states that "...controls implemented in conformance with the guidance several years ago [the 2005 original guidance] have become less effective," and clarifies that "...malware can compromise some of the most robust online security...
Advanced payments technologies, such as chip cards, tokenization and end-to-end encryption, are effective at stopping card fraud at retailers, but only if they're used as part of a comprehensive threat-mitigation plan, says First Data's Paul Kleinschnitz.
The primary approaches used to fight advanced threats over the past several years simply aren't effective. Traditional methods such as user education, vulnerability patching, and malware detection have failed to protect enterprises against the current threat landscape. Attackers continuously develop sophisticated...
Cybercriminals are leveraging vulnerabilities of the Internet, browsers, operating systems, and applications to secretly and proficiently gain access to corporate information assets. Compromising employee endpoints with malware has become the preferred method; a far simpler path into the corporate network than a...
Enterprises are unprepared to deal with APT attacks. According to a new Ponemon Institute study, APTs are changing the threat landscape, rendering current security controls ineffective.
In Advanced Persistent Threats (APTs) and targeted attacks, attackers use a myriad of tools and techniques to breach into an...
A bank's $350,000 settlement with a California oil company should serve as a reminder that reasonable security measures offered by banks are increasingly critical to the outcome of account takeover disputes.
Several U.S. card issuers confirm that new alerts from Visa suggest the P.F. Chang's China Bistro breach could date back to September 2013, some two months before the attack that compromised Target.
Consumers see the advantage of accessing banking capabilities from their mobile device. However, today's mobile devices lack security to stay ahead of the evolving mobile threat landscape. Cyber criminals will continue to target the mobile channel with sophisticated attack techniques and new emerging techniques in the...
P.F. Chang's confirmed card breach has renewed debate about the state of security at U.S. merchants. The PCI Council's Bob Russo says that while there has been progress in recent months, the retail industry still has a long way to go.
An appellate court ruling in favor of a bank in a dispute over account takeover losses dating back to 2010 has broad implications for financial institutions. Legal experts analyze the case.
Identity fraud is one of consumers' most feared crimes, and at banks those schemes translate into application fraud. FICO's Adam Davies discusses today's common application fraud scams and how to stop them.
We've been talking about shifting away from legacy mag-stripe technology and a move toward EMV chip cards for the last decade in the U.S. So is it too late, or is there still hope for EMV?
"Banks can play offense, to use mobile in a justifiable way to engage customers into their security," says Jim Van Dyke of Javelin Strategy & Research. He outlines a strategy for using mobile devices to enhance fraud detection.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.