Would your customers recognize and detect a well-designed phishing site that was targeting them? The unfortunate answer is probably not. Phishing websites designed with high credibility fooled a high percentage of participants in a recent study. “Why Phishing Works,†a white paper authored by researchers...
Comptroller of the Currency John Dugan told an audience of bank risk managers earlier this week because their goals are so closely aligned to those of the regulators, the regulations and guidance issued by the agencies can support them in meeting their institutions’ objectives.
Dugan said regulators can...
The Office of Thrift Supervision (OTS) issued guidance this week on gift cards offered by OTS-regulated thrift institutions. The guidance assists institutions in ensuring adequate account administration, marketing, and sound consumer disclosure practices for gift card programs.
The guidance encourages more uniform...
Authors of a proof of concept paper called "Drive By Pharming" say that by viewing a malicious web page users can set off changes in a broadband router or wireless access point, making the computer connected to it susceptible to attack.
The paper, authored by researchers Zulfikar Ramzan, from Symantec, and Markus...
To build systems shielding users from fraudulent (or phishing) websites, designers need to know which attack strategies work and why. This paper provides the first empirical evidence about which malicious strategies are
successful at deceiving general users. We first analyzed a large set of captured phishing attacks...
Are financial institutions implementing the multifactor authentication laid out in the FFIEC Guidance? That was one of the issues discussed at the RSA panel presentation, "37 Days After the FFIEC Guidance Deadline." The panel of banks, credit unions and industry experts talked about what it took to get this far, and...
Information Security Media Group, Corp. is launching a new sister website specifically for the credit union community - CUInfoSecurity.com. The new site organizes the latest credit union information security related regulations, news, articles, white papers, industry related events, webinars, education and resources...
Dr. Jakobsson is also Associate Director of the Center of Applied Cybersecurity Research, and the founder of RavenWhite, Inc. He is the inventor or co-inventor of more than fifty patents, has served as the Vice President of the International Financial Cryptography Association, and is a Research Fellow of the...
Banking via telephone and wireless mobile devices has become an important delivery channel for financial institutions. As with Internet banking, telephones and wireless devices afford great convenience for bank customers, but unfortunately they too are prone to phishing and other forms of attack.
The Federal...
Data breaches were hitting the headlines almost every week in 2006, with an estimated 100 million records compromised due to security breaches over the 100 million mark, according to the Privacy Rights Clearinghouse, which tracks breaches dating to the ChoicePoint incident in 2005. With all the press coverage and...
Financial institutions can expect increased scrutiny on information security policies in 2007 as regulators devise new oversight standards.
In December, the Public Company Accounting Oversight Board (PCAOB), which establishes rules for compliance with Sarbanes-Oxley, proposed a new standard for Sarbox section...
From GLBA to the ID Theft Red Flags Rule, information security awareness is a lynchpin of banking regulatory guidance. Register for this webinar to learn:
The fundamentals of an information security education program;
How to structure your program to satisfy the requirement and the need;
How to prepare and...
This workshop will expand on many of these areas and present practical and proven approaches many institutions have adopted in order to comply with Section 501(b) of GLBA and Section 216 of Fair and Accurate Credit Transaction Act. In the course of this workshop, we will provide detailed "best practices"...
The arms race against phishers, strengthening firewalls, FFIEC authentication deadline issues and the constantly evolving risk management model were among the many topics covered by the FINSEC 2006 conference speakers last week in New York.
The security strategies and tools and techniques presentations covered in...
Wish List from Financial Institutions to Our Customers
As the weather outside gets colder and the year draws to an end, we're thinking of what would be some of the things we'd like to give and receive as gifts during the holidays. While your personal list may be longer than this, here's the 12 things we wish all of...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
