To build systems shielding users from fraudulent (or phishing) websites, designers need to know which attack strategies work and why. This paper provides the first empirical evidence about which malicious strategies are
successful at deceiving general users. We first analyzed a large set of captured phishing attacks...
Information Security Media Group, Corp. is launching a new sister website specifically for the credit union community - CUInfoSecurity.com. The new site organizes the latest credit union information security related regulations, news, articles, white papers, industry related events, webinars, education and resources...
Dr. Jakobsson is also Associate Director of the Center of Applied Cybersecurity Research, and the founder of RavenWhite, Inc. He is the inventor or co-inventor of more than fifty patents, has served as the Vice President of the International Financial Cryptography Association, and is a Research Fellow of the...
Banking via telephone and wireless mobile devices has become an important delivery channel for financial institutions. As with Internet banking, telephones and wireless devices afford great convenience for bank customers, but unfortunately they too are prone to phishing and other forms of attack.
The Federal...
Data breaches were hitting the headlines almost every week in 2006, with an estimated 100 million records compromised due to security breaches over the 100 million mark, according to the Privacy Rights Clearinghouse, which tracks breaches dating to the ChoicePoint incident in 2005. With all the press coverage and...
Financial institutions can expect increased scrutiny on information security policies in 2007 as regulators devise new oversight standards.
In December, the Public Company Accounting Oversight Board (PCAOB), which establishes rules for compliance with Sarbanes-Oxley, proposed a new standard for Sarbox section...
The arms race against phishers, strengthening firewalls, FFIEC authentication deadline issues and the constantly evolving risk management model were among the many topics covered by the FINSEC 2006 conference speakers last week in New York.
The security strategies and tools and techniques presentations covered in...
Wish List from Financial Institutions to Our Customers
As the weather outside gets colder and the year draws to an end, we're thinking of what would be some of the things we'd like to give and receive as gifts during the holidays. While your personal list may be longer than this, here's the 12 things we wish all of...
Wish List from Financial Institutions to Our Customers
As the weather outside gets colder and the year draws to an end, we're thinking of what would be some of the things we'd like to give and receive as gifts during the holidays. While your personal list may be longer than this, here's the 12 things we wish all of...
The Interagency Guidelines Establishing Information Security Standards as per Gramm-Leach-Bliley Act (GLBA) of 2001 require each bank to have a comprehensive written information security program that includes administrative, technical, and physical safeguards appropriate to the size and complexity of the bank and the...
The Gramm-Leach-Bliley Act (GLBA) contains a rule, known as the Safeguard Rule, under which the Federal Trade Commission and other federal agencies have established standards for financial institutions relating to administrative, technical, and physical safeguards for customer information. The objectives are to ensure...
Visa is mounting a full-scale blitz to encourage merchants to use payment software that doesn't compromise consumer passwords. The card company has asked merchants to ensure that the software they use to process card transactions doesn't store the full contents of "track data", which contains passwords and other...
The results are in, and BankInfoSecurity.com would like to present the Top 10 financial information security articles on this website from 2006. All articles have been posted since January, and include any articles through the last week in July.
Not surprisingly, the number one article referred to actual financial...
Exploitations that threaten security are on the rise. Every day, news stories document the rampant growth of attacks and exploits. The types of attacks vary - Denial of Service (DoS), buffer overflow, identity theft, session hijacking, website defacements, email viruses, worms, phishing scams, and the list goes on. ...
As the threat of computer-initiated attacks increases, and as regulators put more pressure on banks to shore up their information assets, financial institutions are turning toward outsourcing their information security functions to third party processors. These outsourcing deals, which are often part of a larger IT...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
