Researchers: banks need better security
Monday, December 22, 2008
Thanks to an earlier Trojan attack on Firefox users that attempted to steal online-banking passwords, some are suggesting financial institutions such as Bank of America and Chase need a more security on their websites.
Analysts at Gartner, a security consulting firm, said they think cybercriminals will use a previous malicious code and improve on it to access online bank accounts, Information Security magazine reports.
This refers to a report earlier this month of a Trojan that was disguised as Mozilla Firefox plug-in, first reported on December 3rd. The malicious program was activated each time a user opened the browser and sent banking login information to a server located in Russia.
"Many banks aren't employing a layered security approach that consists of stronger user authentication, fraud detection (and user behavior modeling) and out-of-band transaction verification. Layered security would prevent criminals from using harvested data to compromise accounts," wrote the analysts in a recent report.
In an effort to inform users quickly, Gartner also suggests bank CIOs send out email or text alerts to customers to inform them of security breaches or vulnerabilities, the magazine reports.
Related News:
Password security a tall order for many web users - 1.22.2010
A recently released study from tech researcher Imperva showed that the most popular password among users whose accounts were compromised in the recent RockYou data breach was as follows: 123456.
Facebook fixes "wrong friends list" mobile network security glitch - 1.22.2010
CNET reports that social media network Facebook has repaired a problem in the mobile version of its service that caused some mobile users to have full access to the friends lists of unassociated users.
Automated phishing scam hits bank customers - 1.14.2010
Phishing attacks do not target victims exclusively via email, experts say, pointing to a recent rash of automated phone calls that attempted to convince victims to give up sensitive banking information.
Scammers ride aftershocks of Haiti catastrophe - 1.14.2010
The Federal Bureau of Investigation has issued a warning to those who want to contribute to earthquake relief efforts in Haiti, saying that cyber criminals and other types of scam artists are trying to take advantage of an outpouring of humanitarian support.
Banking Trojans finding new vector with fake Outlook alerts - 1.11.2010
A spurious alert purporting to come from Microsoft Outlook has cropped up in recent weeks, according to a maker of email filtering software.
|
