BANKERSONLINE.COM MAIN PAGE             Print Friendly Version!    Email This Article!    Discuss NOW!
January 13, 2012

Welcome to Tech Talk!
Here are the selections Tech Talk Editors George Milner and Teri Wesley have collected from this week's tech news:

  • Banks gear up for battle
  • Crime superstore shut down
  • High tech bank robber busted
  • Big bank breaches customer info
  • A different kind of online attack
  • The game is not over
  • Smart move to mobile
  • NFC phones certified by Visa
  • Coming soon: FFIEC guidelines
  • Spam, Scams & Breaches
  • Updates, Patches and Alerts...
  • and on the lighter side...
  • Banks gear up for battle
    With the rise in cyber attacks targeting banks and other financial industry organizations, a joint effort is being coordinated by big banks and security officials from Wall Street giants Morgan Stanley and Goldman Sachs to fight back against hackers. Teaming up with Polytechnic Institute of New York University, the group will create a center for collaborating and sorting through bank databases to identify potential threats and attacks. Threatpost has the details.

    Crime superstore shut down
    Working in partnership with federal agencies, local police, banks and credit card companies, the FBI has closed down a cyber crime superstore in the Garden State of New Jersey. Beginning with stealing Social Security numbers of unsuspecting victims and creating fake identities, the Park criminal enterprise grew into a full blown cybercrime operation that built bogus credit histories and opened fraudulent bank accounts and credit lines. The Fed's bust netted 43 members of the crime ring and 10 other individuals charged with related offenses in the sophisticated scheme responsible for stealing millions of dollars from financial institutions, retailers, car leasing companies, and even the IRS. has the details.

    High tech bank robber busted
    Manhattan U.S. Attorney Preet Bharara referred to ATM skimmers as "high tech bank robbers" following the apprehension of Romanian national Laurentiu Balat for his alleged role in an ATM card skimming operation targeting 40 HSBC ATMs in New York. These high tech thieves replace a gun and a note with fake card readers and hidden cameras to steal victims' information and their money. Balat's operation got away with at least $1.5 million before bank surveillance cameras captured Balat in the act of installing the skimmers and pin-hole cameras. TechWorld has the story. If convicted on charges of conspiracy to commit bank fraud and one count of bank fraud, Balat could spend up to 60 years in prison.

    Big bank breaches customer info
    The fourth largest bank in the U.S., Wells Fargo (which recently acquired Wachovia), is under investigation by the Connecticut Attorney General for releasing Social Security numbers of multiple clients during a fraud investigation. Wells Fargo received subpoenas from the state department of Social Security requesting financial information, and subsequently gave some of its customers copies of the subpoenas, which included Social Security numbers of a number of individuals. Reuters has the story. Wells Fargo is scrambling to make the best of its faux pas and will offer identity theft protection for the affected individuals.

    A different kind of online attack
    Banks are vulnerable to varied degrees of attacks that can, and often do, open the door for cybercriminals to pilfer large sums of money from banks' customers or the banks themselves. You work hard to protect your institution against the obvious threats we read about and report on each week. But what about logical security flaws in financial systems whose exploitation can be actually be "legal?" One such flaw is in the way rounding is done in currency exchange that allows users to effectively influence the currency exchange rates. Help Net Security reports on how currency rounding errors can be profitable and the countermeasures banks can employ to eliminate their losses.

    The game is not over
    To innocent victims who lose hundreds or thousands (maybe even millions) of dollars to fraudsters in sophisticated scams and phishing expeditions, losing their funds to cyber thieves is anything but a game. The FBI is alerting consumers about the increase in a newer variant of the ZeuS malware dubbed "Gameover," which targets users' bank account logins and defeats commonly used authentication methods. The phishing scam hooks unsuspecting consumers with seemingly legitimate-looking emails from official financial agencies, like the Federal Reserve, FDIC and NACHA. Network World has more on the alert that you need to share with your customers along with a reminder to not open unsolicited email attachments. Find out more about how this malicious malware operates at Help Net Security.

    Smart move to mobile
    With fifty percent of smartphone owners using mobile banking according to Javelin Research's 2011 Mobile Banking Financial Scorecard, mobile banking has shifted from concept to reality. Cost remains a major consideration for financial institutions who have not yet adopted the technology. But the benefits, increased profit margins, and cross selling opportunities of providing your customers with a mobile banking application can reap valuable returns on the investment - and meet the growing needs of your customers. Bank Systems & Technology shares some insight moving toward the direction of smartphone banking apps.

    NFC phones certified by Visa
    The Samsung Galaxy, LG Optimus and select BlackBerry models have been certified by global payments giant Visa for NFC (near field communications) payments using Visa payWave terminals in Europe. Visa's payWave technology enables users to conduct wireless payment transactions by simply waving their mobile device in front of a compatible payment terminal. PC World has the details.

    Coming soon: FFIEC guidelines
    Formal assessments for compliance with the Federal Financial Institutions Examination Council's (FFIEC) online authentication guidance begin this month. As banking applications evolve, security precautions currently in place become ineffective in the face of new, more sophisticated attacks. The supplement highlights the need for better risk assessments, effective strategies for mitigating online risks, and improved customer and employee fraud awareness. Infosec Island has five FFIEC compliance tips to help banks understand what the guidance entails and what is expected of financial institutions.


    Paul Carrubba
    and Dan Fisher

    in a 2-hour
    LIVE Webinar

    January 25, 2012

    Mobile Banking

    Smart Phones and Wi-Fi availability are placing extreme pressure on financial institutions to keep up with the pace of change. It is no longer a matter of what to do as much as it is a matter of when your institution will implement a mobile banking solution. Customers are mobile and you need to be too! Learn more about your mobile banking options and the legal and regulatory issues to consider in this information-packed two-hour presentation by Paul Carrubba and Dan Fisher.

    Can't attend?
    Order the CD ROM of the program now.
    Payment Card Industry Data Security Policy Template
    On the lighter side ...
    With a little help from technology, you can do and see things you may not have the time or resources to do otherwise. hands.
    In the Banker Store
    CD ROM Training
    FFIEC Supplement to Authentication Guidance
    CD ROM Training
    Corporate Account Take-Over and Securing your Internet Banking Site
    CD ROM Training
    Is Your Bank Penetrable?
    Updates, Patches and Alerts...
  • US Cert: Current Activity
  • Threatpost: Google fixes three high-priority bugs in Chrome
  • SC Magazine: Adobe patches Reader bugs, releases new JavaScript feature
  • PC World: Microsoft slays the BEAST, and six other Patch Tuesday updates
  • Source: title

  • Subscribe to Tech Talk and BOL Tech Advisories
      Archived Articles on Technology and eBanking
    You have access to archived Tech Talk pages and Tech Alerts on BankersOnline's
    Technology & eBanking Archive page.
    Plus, you'll find the latest technology and eBanking articles and guru Q&As there, too. You'll find many more related articles in our InfoVault.
      Support the vendors who support BOL!
    Through their advertising and sponsorships on BOL and BOL Vendor Connect, companies offering banking products and services help to make this site possible. When you're looking for a supplier, give your business to companies who support Find them now in Our Sponsors and BOL Vendor Connect.