New bank trojan on a quest|
A new trojan, whose quest is targeting users of online financial services, has been reported by Kaspersky Labs. The Neverquest trojan is similar to its nefarious counterparts but is unique in its own right. The trojan is pre-configured to target 28 global banking and popular online payment websites. It can also identify sites visited by victims that contain banking-related keywords such as balance, checking account, and account summary, and send the identified content back to the attackers. In addition, its self-replication capabilities provide the potential for increasingly widespread attacks. CIO has the details.
Big Bitcoin heist
The value of virtual currency Bitcoin fluctuates but last week cybercriminals chose a recent peak to steal 96,000 Bitcoins from illicit underground bazaar Sheep Marketplace. The Bitcoin value peaked at $1,203 per coin and at the current exchange rate of $1,102 coin, that's a loss of more than $100M. Sheep Marketplace has since been shut down and the attackers have taken some sophisticated steps – including a popular tactic used for online bank account theft known as user-interface spoofing – to cover their tracks during and after the attack, reports Threatpost.
Costly call center cons
Scams targeting financial institution call centers are on the rise and have had a costly impact in 2013. According to a new report released by Pindrop Security, telephone-based fraud in the first half of 2013 equaled the volume of phone fraud reported in all of 2012. Banks are the biggest targets for phone fraudsters with one in every 2,500 calls to financial institution call centers found to be fraudulent. On average, every call that a financial call center receives results in an estimated loss of 57 cents to some form of fraud. Even more staggering, in the first half of 2013 the reported average potential loss from phone fraud per financial account was $42,546. eWeek has the details and more on this growing threat to financial institution call centers.
Prepaid cards compromised
Many businesses and government agencies use prepaid cards in lieu of paper checks to pay employees and issue tax refunds, unemployment compensation, and other benefits. JPMorgan Chase has notified approximately 465,000 of its prepaid card users that their personal information has been compromised in a network breach. Hackers targeted JPMorgan's online UCard portal and stole card data that was registered on the site between July and September 2013. The primary concern in this case is even though JPMorgan encrypts card data, the personal data believed to be compromised may have been temporarily stored in plain text files, reports ZDNET.
Seasonal skimming alert
Bigger is not always better and sometimes it's the simplest things in life that are most extraordinary. Such is the case for a simple but effective Point-of-sale (POS) skimming device uncovered by Krebs on Security. The skimmer can be easily and quickly installed by thieves posing as customers or even a disgruntled employee. With the holiday retail season in full swing, make sure your business customers are on the lookout for potential skimming devices and other fraudulent activity.
Bolstering omnichannel banking
NCR Corporation is strengthening its position as the global fintech solutions provider with its acquisitions of online and mobile banking solutions provider Digital Insight and fraud prevention company Alaric Systems. Digital Insight currently boasts 12 million online banking users and 4.7 million mobile users. By making these tools available to its customers, along with the Alaric's fraud prevention tools, NCR plans to develop an enterprise software platform that will encompass all banking channels, including mobile, online, branch and ATM. Banking Technology has the details.
We have watched some trends come and go this year but one trend that is still going strong - and expected to gain even more traction in 2014 - is the growth of the digital currency Bitcoin. The world's first Bitcoin ATM launched in Canada in October and rumor has it the first digital currency kiosk in the United States could soon deploy in Boston, reports ATM Marketplace. The exploding growth of virtual currency draws increased interest from cybercriminals and others who are looking for ways to chalk up some digital ka-ching. Bitcoin-mining malware is being installed on users' computers - with their permission under the software terms of service or end-user license agreement (EULA).
CSO has the details.
Paperless loan processing low
In an effort to cut costs, go green, or accommodate consumer demand for more convenient services (or all of the above), institutions are increasingly turning to paperless processes. While eliminating paper makes sense in most areas, banks are finding the management of loan documentation without paper a bit challenging. A recent survey conducted by document imaging provider AccuSystems revealed that only 12 percent of the banks surveyed have completely paperless loan documentation procedures, reports Bank Systems & Technology.
Bank tech in 2014
In just a few weeks we will be ushering in another new year bright with the possibilities of fresh beginnings, personal and professional resolutions, and new investments in bank technology. 2014 is the Chinese Year of the Horse - let's hope it's not the year for trojan horses! In addition to improving technology to ward off increasingly sophisticated cyber attacks Bank Systems & Technology has some of the top bank technology trends we can expect to see in 2014.
Updates, Patches and Alerts...
US-CERT: Current activity
InfoWorld: Botched Outlook 2013 patches
Help Net Security: D-Link patches critical vulnerability in older routers
On the lighter side ...
Expensive and cumbersome musical equipment is no longer required to assemble a band. Get a group of Apple users together and form an iBand to play some holiday tunes.
|In the Banker Store|
CD ROM Training
Social Media –
Your Actions based
on Proposed Guidance
CD ROM Training
Online Banking Security: How Crooks Get Around It
Avoiding Fraud Loss at the Front Line