Eyeing post transaction fraud|
We all get it - that post-holiday let down after the excitement dwindles and it's back to business as usual. For consumers, it usually hits when the bills starting rolling in and they realize how much money they actually spent. They might even put off looking over all the transactions that hit their accounts those last few weeks in 2011. That's what fraudsters were banking on with post transaction attacks. Help Net Security reports on how the menacing bank-fraud malware SpyEye borrowed an old trick from its peer ZeuS to hide fraudulent transactions. Get the details and remind your customers to review their accounts in a timely manner for accuracy and any indication of fraudulent activity.
Sitting cyber ducks
Duck hunters take their sport very seriously, arming themselves with waders, camouflage clothing, guns, and decoys. They generally know the best spots to hunt their prey and the most effective techniques to achieve their goals. Cyber criminals and data thieves know the tools of their trade as well and apply them to effect the greatest damage and find the most valuable data. As many as three-quarters of targeted phishing operations are aimed at the financial sector and our U.S. financial system may be a sitting duck for cyber assaults, reports InfosecIsland.
With threats increasing worldwide at many retail points of sale, from supermarkets to gas station pumps and myriad retailers in between, protecting customer data is of paramount importance to ATM maker Diebold. Diebold's effort to reduce vulnerabilities is taking shape in the form of virtualized ATMs. Virtualized ATMs store customer data on protected data center servers, rather than the physical machines. Thieves can't get their hands on what's not there. Information Week has more details.
Socially rewarding bank
In a move that reflects the impact social media is having on everything - including banking - Citibank is offering their customers the benefit of pooling their Citi reward points together with their friends and loved ones on Facebook. Using Citi's new Facebook ThankYou Point Sharing app, customers can combine their points to be used by one person or charity for a gift or a notable cause. NewsFactor has the details.
Security 101: Stratfor breach
2011 did not end on a happy note for security and intelligence think tank Stratfor when the Anonymous hacker group got their hands on Stratfor's servers and 200 GB of credit card and other sensitive information on the firm's clients and email subscribers. Researchers studying the passwords exposed by the massive attack on the security firm say that many of the passwords were simple and easy to decode, including those belonging to former politicians and top-tier executives, reports MSNBC. While educating users on selecting stronger passwords is Security 101, you need to enforce strong security policies for websites and applications in your institution.
Not limited to ATMs, skimming devices can be used at retail locations and gas pumps as well. Unscrupulous employees can use handheld devices to skim credit card and debit card information prior to handing a card back to a customer. A skimming device is capable of storing data for up to 2,000 cards. With millions of people falling victim to skimming at ATMs and average losses of $1,000 per person, education is the key to prevention. PC World explores the anatomy of an ATM skimming scam with tips you can share with your customers to help them detect and respond to possible card fraud.
In with the new, out with the old
Auld Lang Syne - should auld acquaintance be forgot and never brought to mind? When it comes to online security, old passwords should. No matter how secure (or insecure) a password is, using the same login information for multiple sites and accounts puts users at higher risk for losing their sensitive information. Teaching your customers and your employees to not reuse old passwords when prompted to create new ones and not to use the same password for accessing multiple accounts is an important lesson in online security. In the case of a data breach like the one at Stratfor, the (in)security of one online service becomes a flaw that attackers can use to infiltrate other networks. InfoWorld has more on the importance of educating your customers about password reuse.
While Americans are becoming more tech-savvy, the average consumer and small business owner doesn't know what WEP, WPA, or WPS stand for, much less what it is or what it does. When they set up a home or small office network, they want the convenience of buying a wireless router that provides the security they need without any techie actions needed on their part. Researchers have discovered design flaws in the WPS (Wi-Fi Protected Setup) technology that was intended to make modern routers easier for typical users to securely configure. New tools have been released that can bypass the encryption used to protect wireless routers and make them vulnerable to a basic hacking technique. Get the list of vulnerable routers and more details at Krebs on Security.
Future financial tech trends
A new year prompts many of us to forge resolutions for better health, more family time, less spending - and maybe taking the leap from the "old way" of doing things to learning new technology to simplify their tasks. NewsFactor has four personal finance technologies your consumers may resolve to take advantage of in 2012. And with bank technology budgets on the rise and expected to increase this year, Bank Systems & Technology highlights eight bank technology trends in the financial sector driving towards increased efficiency and compliance with new requirements.