New Hampshire customers of TD BankNorth were notified earlier this week that their Visa debit or credit cards have been compromised, and the likeliest culprit is the recent Hannaford Brothers Supermarkets security breach.
"We became aware during the last few days that there was some fraudulent activity on some of...
Phishing, vishing, whaling - there are a growing number of electronic social engineering threats to unsuspecting consumers and their identities. Financial institutions and their customers increasingly are targets of these attacks. But they're also fighting back.
Listen to this interview to hear:
What are the...
As financial institutions continue to migrate their services and operations online, the Office of the Comptroller of the Currency reminds national banks and their technology service providers about the importance of application security as a component of an information security program.
A new OCC bulletin...
Let's cut to the chase: PCI compliance for retailers, banks and service providers is hard.
Michael Gavin, security strategist at Security Innovation, a PCI QSA and ASV assessment firm, offers his insights on PCI compliance struggles, i.e. the Hannaford breach, and the reality that there is no absolute security. A...
The Federal Bureau of Investigation (FBI) released a comprehensive new report on mortgage fraud that doesn't paint a pretty picture of what's happening in the housing market.
The facts stare out from the page - mortgage fraud is on the rise. The agency has no central way to track the total extent of mortgage fraud,...
The era of Suspicious Activity Reports (SARs) in the United States began with the Annunzio-Wylie Anti-Money Laundering Act of 1992, which required regulated financial institutions to report transactions that they suspected might involve illicit funds or purposes.
You may ask yourself every time you complete a SAR,...
Imagine the scenario: Your institution has a customer who does all of his banking online -- bill pay, transfers, account balances. This customer calls after seeing an unauthorized transaction. After tracing the account transfers, which were wired overseas, you find the customer's computer loaded with crimeware. Your...
Here's the situation: You have to hire a new CISO for your financial institution. Which is better: to hire a banker who can be trained in information security, or to hire an information security professional who can be trained in banking?
We posed this question to a group of industry experts and professionals,...
Just over two years ago, Brian Huntley arrived at Camden National Bank in Maine, charged with responding to regulatory guidance and transforming the bank's information security risk assessment program from one that was threat-based to one that is now asset-based.
Diana Kelley, partner at Security Curve, an information security advisory company that performs PCI audits shares her insights into the PCI issues facing both financial institutions and retailers.
Kelley, a former information security analyst at Burton Group, was previously an information security advisor at top...
More than 5,000 customer records from 40 international financial institutions were discovered last month on a computer server in Malaysia.
Dubbed a "crime server" by Finjan, the information security vendor that discovered it, this machine held more than 1.4 gigabytes of business and personal data stolen from...
Let the countdown begin.
As of May 1, U.S. financial institutions have just six months left to comply with the new Identity Theft Red Flag Rules, which (among other things) mandate new levels of documentation, training and awareness.
Red Flags is one of the top regulatory priorities of the year, and for many...
With the recent Hannaford data breach, the Payment Card Industry Data Security Standard (PCI-DSS) has come into question - how effective is it really?
Bob Russo, general manager of the PCI Security Standards Council recently shared his views on what happened at Hannaford, as well as other topics.
Data loss prevention (DLP) is a challenge for institutions of all sizes. But not all banking/security leaders understand the scope of the threat, where it originates and how best to eradicate it. In this interview, DLP expert Jared Thorkelson discusses:
What's most misunderstood about DLP;
The greatest sources of...
Given the news in recent weeks - the controversy surrounding New York's ex-Gov. Eliot Spitzer, the $15 million fine assessed against United Bank for Africa, PLC - we knew the crime of money laundering had taken on a life of its own.
But who knew that it also had crept into Second Life?
Real crimes in the virtual...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.