Cryptojacking group TeamTNT is leveraging compromised Amazon Web Services credentials to attack its cloud environments through the platform’s API, according to researchers from Unit 42 at Palo Alto Networks.
Some 26 million passwords were exposed in a 1.2 terabyte batch of data found by NordLocker, a security company. It's workaday botnet data, but it highlights a hostile malware landscape, particularly for people still inclined to download pirated software.
The Identity Theft Resource Center, a nationally recognized nonprofit organization established to support victims of identity crime, has published new research that shows nearly 30% of people who contact the ITRC are victims of more than one identity crime.
It is particularly challenging for financial institutions to catch authorized push payment fraud. But behavioral metrics can play a big role in detecting these incidents, says Steve Ledford of The Clearing House.
FBI agent Elvis Chan dedicated four years to election security, and he doesn’t hesitate to say: The 2020 presidential election was "the most secure election of my career." He explains why, and what lessons learned we can apply to future elections.
A perfect storm is brewing for fraudsters. On one hand, the economic turmoil, triggered by the pandemic is increasing and accelerating insurance fraud. On the other, the insurance industry is moving many of its business processes online – which make the criminals happy. David Hartley of SAS Institute outlines how to...
The COVID-19 pandemic has led to an uptick in financial crimes, a sudden rise in digital banking activities and resources working from home. As a result, the AML landscape has become more challenging for Financial Institutions and other AML regulated entities.
How has the AML regulatory climate shifted most...
Preventing deepfake fraud while addressing customer digital onboarding ease-of-use concerns is a balancing act. Sanjay Gupta of Mitek discusses the challenge of juggling security and the user experience in digital banking.
A security researcher found more than 500 million Facebook records being offered for free on the darknet, exposing basic user information, including any phone numbers associated with the accounts. Facebook says this is “old data” previously reported as exposed.
Synthetic identity fraud is a pervasive yet ill-defined crime – hard to define as well as to detect. Greg Woolf of FiVerity discusses a recent initiative by the Federal Reserve in Boston to better define and therefore better manage SIF.
Organizations should go beyond one-time passwords to include other layers of authentication as they strive to mitigate the risk of synthetic ID fraud, says Amy Walraven, president of Turnkey Risk Solutions, a Newark, Delaware-based risk management company.
To mitigate the fraud risks posed by synthetic IDs, banks should use consumers' devices to help with authentication, says Karen Boyer, vice president of financial crimes and fraud intelligence at People’s United Bank, based in Connecticut.
In financial services, there is a stark difference between defending against authorized versus unauthorized fraud incidents. James Hunt of Bottomline Technologies discusses the schemes and how to respond with a more dynamic prevention strategy.