|
Sharp Rise In Phishing Attacks On Indian Banks
Online Fraud Rises By 185%
Losses to online banking fraud have reached a record high, figures published have revealed. See Apacs report.
Even French President Becomes Online Fraud Victim!
Serious Security Flaws Found In Over 75% of Online Banking Sites!
What we have been saying to our clients privately for well over year and half, is now public information.
After examining 214 bank web sites, researchers at University of Michigan have found over 75% of them had design flaws, that could pose security risks for their customers. Worse, according to the study the flaws are not the bugs that can be easily fixed with a patch but are systemic, stemming from the flow and layout of the sites.
Report added: current set of web security analysis and design techniques still leave significant security gaps.
Editor's comment: Please take note: being design related flaws, usual security and penetration testing fails to uncover them!
US Authorities Busted Largest Hacking and Identity Fraud Case In The World!
Recently US Authorities busted the largest identity fraud case - 40 million payment cards were stolen by an international criminal gang. Wireless computer networks were hacked and "sniffer" programs were allegedly installed at point-of-sale.
This is believed to be the largest hacking and ID theft case ever prosecuted by the Department of Justice (DoJ) of USA.
Hacking Arrests Doubled In Japan
Hacking arrests have more than doubled in Japan, according to figures released by Japan's Ministry of Justice. See the coverage.
But Largest Ever Internet [DNS] Flaw Means Even More Identity Thefts and Man-In-The-Middle-Attacks!
Last few months have been very difficult for everyone involved in online security in=ustry. DNS Cache Poisioning vulnerability means security experts were kept very busy. Tens of thousands of servers have been patched - and many more yet to be fixed. This subject is one of the most widely covered and discussed security issue of recent times.
2FA Has Failed, Mutual/Site Authentication Has Failed And SSL Is Compromised!
What Should Banks Do Now? What Industry Experts Recommend?
We keep wondering why should any bank still buy or implement only the 2FA? As we know, 2FA only provides stronger user authentication.
Even regulators now demand stronger user authentication/2FA AND Fraud Detection system! After all, banks need not only to safeguard against identity theft, but also against the fraud, man-in-the-middle attack, and verify the transaction source and data accuracy. It is obvious from all of the above therefore that banks need multi-layered, integrated transaction security and fraud prevention solution - which includes 2FA! Is there any surprise therefore why almost all industry experts including Gartner recommend what they do?
Gartner research has famously recommended on this subject [September, 2007], which many industry regulators have already endorsed: "Implement complementary technologies, including fraud detection and stronger authentication and transaction verification methods to protect customer identities against all types of attacks ranging from account takeover, phishing, pharming and simple Spyware attacks to more-sophisticated Man-In-The-Middle (MITM) and Trojan attacks."
For detailed discussion on how to go about selecting the right transaction security & online financial fraud prevention solution, please refer our recent newsletters issue 18A and 18B.
Note:1. For ReadiMinds' list of awards and industry recognitions, please see the left column.
2. Online Security threats arises from spamming, spoofing, sniffing, hacking, key logging, phishing, middleman interception, mutating virus, worms and other forms of malwares. Frequency of such attacks is only increasing with each passing day.
|
