High-tech criminal gangs with access to sophisticated keylogging viruses pose a growing threat to banks and financial institutions.Recently, England’s High Tech Crime Unit foiled an effort to steal over $100 million from a Japanese bank in London. The gang gained access to Sumitomo Corp.’s computer...
Federal Deposit Insurance Corporation Division of Supervision and Consumer Protection Technology Supervision Branch June 17, 2005 This publication supplements the FDIC’s study Putting an End to Account-Hijacking Identity Theft published on December 14, 2004. Executive Summary and Findings Focus of Supplement...
We all know the threats posed by spyware to enterprise networks: user ID and password theft, financial loss, productivity drain, intellectual property theft. Security practitioners have two defenses at their disposal: the human and the technical. While the technology for combating spyware is improving, antivirus...
To help verify a user's identity in the case of a lost password, many Web applications use secret questions. By answering a pre-selected question, a user can demonstrate some personal knowledge of the account owner. A classic example is asking to provide a mother's maiden name.
Answering secret questions requires...
Omar A. Herrera Reyna – CISA, CISSP(omar.herrera@oissg.org)November 2005 IntroductionWith all sort of attacks against e-banking and e-commerce systems targeting primarily customers, securing transactions has become increasingly difficult for banks and online stores.There is a widespread use of credit and...
A. RISK DISCUSSIONIntroductionA significant number of financial institutions1 regulated by the financial institution regulatory agencies (Agencies)2 maintain sites on the World Wide Web. Many of these websites contain weblinks to other sites not under direct control of the financial institution. The use of weblinks...
National Security InstitutePopular E-Greeting Card Carries TrojanAn e-mail message that claims to hold a link to a greeting card is responsible for a recent series of “Trojan horse†cyber-attacks. The e-mail directs recipients to click on a link in order to pick up an e-card from a “secret...
New data shows that on average, businesses are spending an eye-popping amount of money every month in IT resources to fight the spyware plague.FaceTime Communications, an IT security provider, surveyed more than 1,000 IT managers and end users. The key finding: spyware and other unsanctioned downloads are...
Internet-related crime, fraud, and damage is going through the roof. Here we take a look at what Consumer Reports has named the four major online threats you need to defend against.VIRUSES AND WORMSOldies but goodies (baddies?), these have plagued computer users for nearly two decades. They typically infect computers...
George CapehartIn a previous column we talked about some of the characteristics of Web services systems that have implications for Information Security and identified some of the kinds of security problems that arise in systems that are implemented in this paradigm. One of the sets of problems that was mentioned...
New Viruses Target IMA security firm reports that in July alone, the number of viruses threatening instant messaging systems rose nearly 25%. The acceleration of IM viruses, long predicted by security experts, has come to pass, according to Akonix Systems; new outbreaks with names such as Rants, Prex, and Kirvo are...
According to recent government estimates, some 10 million people a year are victims of identity theft. Some sources estimate that annual losses related to identity theft total as much as: $50 million for individuals and $48 billion for businessesWhile these figures represent an average loss of only about $500 per...
TO:  Chief Executive Officers and Chief Information Technology Officers of National Banks, Federal Branches, Service Providers, Department and Division Heads, and Examining PersonnelPURPOSEThis alert is intended to raise awareness of an increasingly common Internet fraud called “phishing†and...
Many attacks in the past decade have focused on vulnerabilities at the network and operating systems level. Nowadays, hackers seem to be more closely focusing on application level attacks. There are several reasons for this.Too many network protocol suits are being used by organizationsOrganizations tend to use too...
Ever inventive, cyber-criminals who specialize in phishing scams are finding new ways to hook you and your personal financial information.The days of amateurish phishing expeditions filled with typos are long gone. It’s our hope that by learning of the latest techniques, you can stay one jump ahead of this...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
