Internet-related crime,
like any other crime, should be reported to appropriate law enforcement investigative
authorities at the local, state, federal, or international levels, depending
on the scope of the crime. Citizens who are aware of federal crimes
should report them to local offices...
Andrew Miller - BankInfoSecurity.com Editor
In October, the Federal Financial Institutions Examination Council (FFIEC) issued guidance for authentication in the Internet banking environment. Financial institutions are expected to achieve compliance by year-end 2006. The guidance states: "The agencies consider...
How likely are you to be wooed into a false sense of security by a friendly face or the promise of a cash prize?A friendly, wholesome-looking team of surveyors recently set up shop in New York’s Central Park on behalf of RSA Security to find out how much personal information consumers would give up while...
In our ten years’ experience in detecting, locating, and prosecuting network intruders (hackers) we have seen that, as with many offline crimes, robust law enforcement alone cannot solve the network intruder problem. To be effective, any overall strategy must include the owners and operators of the...
Think identity theft is the work of faceless cyber-crooks from foreign countries? Think again. Almost half of all ID theft is committed by relatives or close friends of the victim, new research shows.  The surprising information comes from a recent poll of 4,000 consumers conducted by a group led by the...
Give criminals credit for adapting. It has become clear that stealing personal information is easier, more profitable, and less risky than mugging or burgling them. Unfortunately, the effect of this realization on the criminal community is that phishing and identity theft continue their astonishing...
Since January 1, at least 104 data incidents have been documented in the U.S., potentially affecting more than 56.2 million individuals. And that is probably just the tip of the iceberg.How many breaches don’t make the front page because the victimized company wants to avoid embarrassing publicity? We will...
Most Internet users know spam when they see it, but the vast majority are unfamiliar with terms like “podcasting,†“phishing,†and “RSS,†according to a recent study.The Pew Internet and American Life Project research, based on random telephone interviews with 1,336 Internet users,...
Hackers have changed their tactics and are exploiting flaws in popular software applications – including security programs — to break into the computers of consumers, government agencies, and businesses. What’s new about this, you might ask? The key word is “applications.” ...
Omar A. Herrera Reyna – CISA, CISSP(omar.herrera@oissg.org)November 2005 (If you missed Security solutions for e-banking and e-commerce with credit/debit cards,- Part 1: Analyzing the Security Issues click here)While there are some good solutions available from a security perspective, I believe that we...
High-tech criminal gangs with access to sophisticated keylogging viruses pose a growing threat to banks and financial institutions.Recently, England’s High Tech Crime Unit foiled an effort to steal over $100 million from a Japanese bank in London. The gang gained access to Sumitomo Corp.’s computer...
Federal Deposit Insurance Corporation Division of Supervision and Consumer Protection Technology Supervision Branch June 17, 2005 This publication supplements the FDIC’s study Putting an End to Account-Hijacking Identity Theft published on December 14, 2004. Executive Summary and Findings Focus of Supplement...
We all know the threats posed by spyware to enterprise networks: user ID and password theft, financial loss, productivity drain, intellectual property theft. Security practitioners have two defenses at their disposal: the human and the technical. While the technology for combating spyware is improving, antivirus...
To help verify a user's identity in the case of a lost password, many Web applications use secret questions. By answering a pre-selected question, a user can demonstrate some personal knowledge of the account owner. A classic example is asking to provide a mother's maiden name.
Answering secret questions requires...
Omar A. Herrera Reyna – CISA, CISSP(omar.herrera@oissg.org)November 2005 IntroductionWith all sort of attacks against e-banking and e-commerce systems targeting primarily customers, securing transactions has become increasingly difficult for banks and online stores.There is a widespread use of credit and...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.