BANKERSONLINE.COM MAIN PAGE             Print Friendly Version!    Email This Article!    Discuss NOW!
December 2, 2011

Welcome to Tech Talk!
Here are the selections Tech Talk Editors George Milner and Teri Wesley have collected from this week's tech news:

  • Gameover for banks
  • Robin Hood op targets banks
  • Carding business busted
  • Banking on tablets
  • A picture's worth
  • Time to pay
  • Consumers vs risky retailers
  • Card-stealing trojan
  • Future cyber threats for FIs
  • Spam, Scams & Breaches
  • Updates, Patches and Alerts...
  • and on the lighter side...
  • Get the details below.
    Gameover for banks
    ZeuS is back in the game again with targeted attacks against banks and their customers. The FBI has issued a warning that data thieves are using a modified version of ZeuS called "Gameover" to launch a spear phishing campaign using legitimate-looking emails from the National Automated Clearing House Association (NACHA). The fake emails advise recipients there's a problem with an ACH transaction at their bank and the transaction wasn't processed. When users click on the link in the email the Gameover malware infects their PC with the ability to key log as well as steal their online banking credentials, defeating several forms of two factor authentication. The thieves then launch a DDoS (Distributed Denial of Service) attack on the financial institution which the agency believes is a ploy to divert the banks' attention from high-dollar wire transfers. Krebs on Security has the details.

    Robin Hood op targets banks
    In what they are calling "OpRobinHood," hacktivist groups Anonymous and Teamp0ison are going after big banks in an effort to damage the banks' reputations and their financial standings. The collaborative operation will steal credit card details from big banks and use the stolen card data to make donations to charities and others the group claims have been "cheated by our system....and hurt by our banks." There are some alleged reports that several major banks have already been hit (with subsequent donation payments made). Help Net Security has the details.

    Carding business busted
    Blank credit cards linked to as many as twenty different banks were seized by authorities in the Dominican Republic when they put a carder lab out of business and arrested one of the group's alleged leaders. A computer, USB drives, digital camera and a printer designed to manufacture fraudulent credit cards were also confiscated when Adolfo Alejandro Thomas Rodriquez was arrested in the city of Santo Domingo. Threatpost has the story.

    Banking on tablets
    Technology has changed the way we do banking. First came desktop computers, then laptops followed by the BlackBerry and other smartphones...and then Steve Jobs brought us the iPad. Now we have Amazon's Kindle Fire and other popular tablets. Banks are scrambling to keep up with tech-savvy consumers who want to bank on the go - on the device of their choice. Javelin Research reports that only 30 percent of the nation's big banks have banking apps for tablets and those are designed for the iPad, leaving the market wide open for Android-based tablet users. PC World has more on the tablet revolution and why banks should be jumping on the bandwagon - especially this time of year.

    A picture's worth
    Financial institutions are finding that a picture can be worth more than a thousand words in the fight against fraud. Using facial recognition technology with images collected from ATMs, teller windows and other databases, bank security staff can identify a fraudulent driver's license or run a suspicious customer's image through a database for any other potentially fraudulent transactions. Reuters has more on using facial recognition as a fraud prevention tool and the privacy concerns that go along with it.

    Time to pay
    Consumers in the United Kingdom will soon find paying for purchases as easy as checking the time. In partnership with Australian watchmaker LAKS and electronic payments provider Vincento Payment Solutions, MasterCard will be offering a contactless wristwatch. Enabled with MasterCard's PayPass technology, Watch2pay will give consumers the convenience of making purchases of up to 15 pounds at more than 70,000 participating retailers by tapping the watch against a contactless reader without needing to enter a PIN. Bank Systems & Technology has the details.

    Unlucky consumers and risky retailers
    Shoppers purchasing their wares at Lucky Supermarket stores in California were unlucky victims of data theft. During routine store maintenance, card skimmers were discovered on self-checkout lanes in twenty of Lucky's stores. Parent company Save Mart hasn't released details about what, if any, financial data was retrieved by the thieves but has advised its customers to monitor their credit and debit card accounts, reports Threatpost. Despite the PCI Security Standards Council's efforts the past five years to educate, train and implement standards for enhanced card security, a recent Verizon study found that nearly 80% of retailers are not complying with PCI standards. Infosec Island has more on how retailers are putting card carrying consumers at risk.

    Card stealing trojan
    A new card-stealing trojan that is designed to circumvent the protections of PCI/DSS compliance standards is targeting credit card processing and point of sale (PoS) equipment. In this case, the thieves appear to be going after smaller and moderately-sized businesses that don't have the resources for costly defensive counter-measures. Sophos has more details on this current targeted threat that is evolving daily. Both you and your business customers should be on the alert.

    Future cyber threats for FIs
    In just a few weeks 2011 will be behind us and we will be starting fresh with a new year. Last year security researchers predicted a rise in attacks targeting social networking sites and smartphones along with an increase in hacktivism -- all of which we have seen evidence of in 2011. Technology consulting firm Booz Allen Hamilton has gazed into their crystal ball to give financial institutions a glimpse of the cyber threats it foresees for banks and investment firms in 2012. Help Net Security shares Booz Allen's predictions of the top ten threats for the coming year you should be preparing for now.

    The latest reports on spam, scams and breaches:
    Payment Card Industry Data Security Policy Template
    On the lighter side ...
    A number of events triggered by the same initial event is what is known as a chain reaction. Just how far these chain reactions travel can be fun to watch.
    Updates, Patches and Alerts...
      In the Banker Store
    CD ROM Training
    Customer Authentication: The Bar Has Been Raised
    FACTA: Responding to Identity Theft (Video)
    Video Training
    Responding to Identity Theft
    CD ROM Training
    Consumer and Small Business Mobile Capture - Deposits on the Move!
      Archived Articles on Technology and eBanking
    You have access to archived Tech Talk pages and Tech Alerts on BankersOnline's
    Technology & eBanking Archive page.
    Plus, you'll find the latest technology and eBanking articles and guru Q&As there, too. You'll find many more related articles in our InfoVault.
      Support the vendors who support BOL!
    Through their advertising and sponsorships on BOL and BOL Vendor Connect, companies offering banking products and services help to make this site possible. When you're looking for a supplier, give your business to companies who support Find them now in Our Sponsors and BOL Vendor Connect.