November 6, 2009
Update covering October 30 - November 5, 2009
Welcome to Tech Talk! In this edition, Tech Talk Editors Andy Zavoina and John Burnett write about ACH scams, an offer of free security, a bank IT ID thief, and much more.
Our selections from this week's tech news:
- Bank busted by ACH scam
- When customers are mules
- Handling scam email
- A promising free offer
- Going after market share
- Making PayPal pay off
- ID thief ripped off charities
- A new wrinkle in ransomware
|
- A case of worms
- Very expensive laptops
- Ten tech tips
- Flogging for dollars
- So successful it hurts
- Leftover October patches
- When you can't leave XP behind
- and on the lighter side...
|
Get the details below.
|
Join
Andy Zavoina
in a 2-hour
LIVE Webinar
Wednesday,
November 18th
Speedier Lending with e-Disclosures
Lending disclosures are more burdensome now than ever before. To get through these requirements as quickly and cost effectively as possible, you may want to consider making disclosures electronically. In this webinar we'll review the requirements of E-Sign and what you can do to comply. We'll follow through with examples of how these requirements affect your disclosures for approved and denied loans.
Can't attend?
Order the CD ROM of the program now.
|
Payment Card Industry Data Security Policy Template
|
On the lighter side ...
When you have a hard problem, and we don't mean hardware, send your employee the best tech support you have, IT Cat. YouTube has the video.
|
ACH scam causes bank failure
Dwelling House Savings and Loan was shut down by federal regulators in August, and its operations were taken over by PNC Bank. That would not be remarkable in a year that has seen 115 bank closures so far, except for the fact that Dwelling House was done in not by bad loans or the sour economy. It succumbed instead to ACH fraud.
Read the details in this Business Finance magazine article.
If your bank is a FedACH customer, you owe it to yourself to look into the Fed's Risk Origination Monitoring Service, which can help identify and thwart ACH scams like the one that took down Dwelling House. You can start by reviewing an article in the November 2009 edition of FedFocus. If your bank isn't a FedACH participant, find out if your ACH operator offers similar monitoring capabilities.
Could your customers be money mules?
We mentioned money mules in our September 18 Tech Talk. Now the FBI warns of an increase in work-at-home scams and fraudulent ACH transfers. Do you have customers employed to "process payments" or "transfer funds"? Your tellers and CSRs should be listening for those buzz words. Read more on the FBI's website. A supplemental article in NetworkWorld indicates about $100 million has been stolen so far, and offers insight into how scammers have chosen their targets. Read more details on this cyber threat in NetworkWorld.
Scam emails: Delete or call?
Local police in Central Texas are advising those who receive some scam emails to contact the FBI because of jurisdictional boundaries. One such email claims to be an attempt to collect on a debt. Police say online scams are so common, just delete them and get on with your day, or call the FBI. You can get the details on the collection scam message and the referral to the FBI at KWTX.com.
Safer online banking, free
U.K. security company Prevx has a deal for you. It is a package that has software capable of blocking malicious programs such as Zeus, SilentBanker and Mebroot/Sinowal/Torpig. It works even if the PC it's installed on is already infected. It has an additional security layer that works within SSL technology and an anti phishing feature prevents logon credentials from being entered into a suspect website. Best of all, it is free for banks! Read more at Computerworld and decide whether you want to get more information.
Bridging the gap for better market share
Millennials (ages 18-29) and baby boomers (ages 45-63) have different expectations when it comes to meeting their banking needs. So says a Microsoft-sponsored study, "Millennials and Baby Boomers Banking Channel Preference Survey 2009," completed by KRC Research of Washington, D.C. The delivery channels preferred by the two groups differ. If you want to capture one or both of these markets, consider what this study reveals. Get more information at Reuters.
While we're on the topic of identifying target markets, PSCU Financial Services, based in St. Petersburg, Florida has more than 1,300 financial institution clients nationwide. It is a coop owned by more than 600 credit unions and more than 900,000 online banking customers. PSCU launched an iPhone app for mobile banking, taking direct aim at the huge iPhone/iPod Touch user market. Read more at creditandcollectionnews.
PayPal expansion
PayPal is having its first ever developer conference this week in San Francisco. It is asking software developers to expand the ways in which PayPal customers can use their accounts. Recognizing the growing market of cell phone use for purchases, PayPal wants to make it as easy as one-click on a phone to make a purchase. Increasing the share of micro payments is also on their agenda and income may still be shared with website operators. Read more in The New York Times.
|
Late-breaking news
Microsoft announced today that its November Patch Tuesday cycle will include six bulletins, three of which will be rated Critical. For details, see Microsoft's Security Bulletin Advance Notification. |
IT ID theft
An IT worker at the Bank of New York has been charged with 149 counts of ID theft. Adeniyi Adeyemi allegedly used the identities of 150 employees of the Bank of New York Mellon to defraud charities, non-profits and others for over $1.1 million over an eight year period. You can read more about how Adeyemi carried out his scheme in InformationWeek.
Ransomless ransomware
Symantec is warning users of a new variation on a "hostage" threat to your computer files. We wrote last week about LoroBot, which infected a computer, encrypted files, and requested payment for the key. Trojan.Ramvicrype now encrypts files, but offers no payment solution. But there is a resolution to recover your files. Read CNet News for the answers.
Do you have worms?
The Microsoft's Security Intelligence Report released this week indicates that in the last ten months the number of computers infected with worms has more than doubled. Trojans are still the most prevalent type of malware, however. You can read more on the threat environment including faked anti-virus programs at SCMagazine.
A supplemental article on Microsoft's report indicates that many cybercriminals simply seek out old vulnerabilities that users have neglected to patch. For details, read PCWorld.
The true cost of a laptop lost
The Ponemon Institute released a report that considered seven cost factors involved when a laptop is lost. The key concern is not the laptop itself, but the value of the data contained on it, and the cost of corrective action when that information is compromised. The cost estimate actually varies by industry but the ballpark figure averages just over $49,000. If reported timely the cost is much lower, but slower reporting increases the cost significantly. Read more on these costs and what you can do to mitigate risk, at CIO.
Ten tech security tips
As the year winds to a close, and you are already looking forward to 2010, you may be thinking about some annual security training (we all know that you need to do it more often, so don't get hung up over "annual"). Here is an article with ten things you may want to remind employees of, starting with proper use of email, keeping virus definitions up to date, patch management and more. And don't forget this advice should apply to every computer the employee uses for work -- desktop, laptop, smartphone (see below), etc. Read all about it in eWeek.
Smartphones, you can hack a Smartphone? Absolutely. We came across a recent article about attacks on "jailbroken" iPhones. It should be a wakeup call for all smartphone users. Read more in ZDNet.
Getting flogged isn't what it used to be
There was a time when flogging was a severe form of corporal punishment. Now there's a new meaning for the term, and the pain from today's floggings can be fiscal, rather than physical. In the parlance of the Internet, a flog is a fake blog. Flogs are being used to both sell products and capture bank account information. The FTC recently issued guidelines aimed at this type of advertising and is in the middle of investigations now. Read more on what your customers may be falling for on MSNBC.
Catastrophic success
The good thing about getting your website up and used is that you are reaching customers. But when you reach too many customers, or you just grow in popularity, you can become a target. Excessive use or becoming a target for a denial of service attack can bring your website to its knees and even force you offline. Here are five steps you can take to keep your site up, from Computerworld.
And since your website is up, you may be looking to start a sister site, to reach even more customers. Consider registering that URL soon because at the current pace the Internet could be out of addresses by next year. There is a solution though, and you can read about it at FoxNews.com.
IE patch hangover
November's Patch Tuesday is coming up, but you may not be finished with Microsoft's October patches. This week Microsoft re-patched a critical bug in its Internet Explorer browser. While the bug doesn't affect huge numbers of users, there are two issues that arose with the first patch attempt. The first issue addresses scrambled Web page elements, and the other is a "Type Mismatch" script error on sites that use either VBScript or a mix of VBScript and JavaScript. CIO has more information.
Bug fixes were also released separately this week by Sun Microsystems for its Java Runtime Environment and Research in Motion for its BlackBerry Desktop Software. Computerworld has the details.
Windows 7 & XP mode
Windows 7, Microsoft's new operating system, is getting good reviews and is outpacing Vista in initial sales. However, it may still have some compatibility issues with older devices. The answer may be to use "XP mode," which can work with older USB devices and printers. There is a catch, though -- XP mode is not available in all versions of Windows 7, nor is every old PC able to run it. Read the details in NetworkWorld.
So, which version of Windows 7 is right for you? Are you looking for encryption or easier and more stable VPN access? Read more on how to make your selection at The Washington Post.
Not to be left behind, Mozilla has released a beta version of its Firefox browser that takes advantage of Windows 7 features. Read more at CNet Download.
|
Print Friendly Version!
Email This Article!
Discuss NOW!
