BANKERSONLINE.COM MAIN PAGE             Print Friendly Version!    Email This Article!    Discuss NOW!
January 20, 2012

Welcome to Tech Talk!
Here are the selections Tech Talk Editors George Milner and Teri Wesley have collected from this week's tech news:
  • Software code stolen from Fed
  • Bank cyber heist nets millions
  • Father and son fraud team
  • Zest for cash
  • POS biometrics
  • Zapped by hackers
  • Searching for fraud
  • Gift giving from the ATM
  • Playing with money
  • Spam, Scams & Breaches
  • Updates, Patches and Alerts...
  • and on the lighter side...
  • Software code stolen from the Fed
    A Chinese computer programmer hired as a contract employee by a third party technology consulting company is charged with stealing software code valued at nearly $10 million from the Federal Reserve Bank of New York. The software, the Government-wide Accounting and Reporting Program (GWA), is used to help track billions of dollars the United States government transfers daily. Following his arrest, Bo Zhang of Queens, New York admitted to illegally copying the code to an external hard drive and taking it home, reports Reuters. We have to wonder what kind of third party security measures were in place - or should have been in place - to prevent this type of insider breach.

    Bank cyber heist nets millions
    Bank robbers are a varied breed with differing MOs (modi operandi) and they target banks in every state or province in every country across the globe. Thieves in South Africa devised a cleverly executed plan to pull off their heist without being physically present at the bank. Over the New Year holiday in Johannesburg, a cyber gang accessed the South African Postbank's server system from a remote location and transferred more than $5.2 million from various accounts into accounts the crooks opened several months earlier. Get the details on how they pulled off their sophisticated cyber robbery at TechWorld. While it may have taken place far from our homeland here in the U.S., this story is a reminder that criminals are industrious and banks are always vulnerable to new and unsuspected attacks.

    Father and son fraud team
    Facing charges of conspiracy, mail fraud, wire fraud, computer fraud, aggravated identity theft and securities fraud, Vladimir Zdorovenin of Moscow has been extradited to the U.S. and could face up to 142 years in prison. From their home in Russia, Zdorovenin, 54, and his son Kirill (who remains at large) stole and used stolen credit card information, established fake websites and bank accounts, ran stock scams, and tapped into the financial accounts of U.S. victims. Sophos has the full story.

    Zest for cash
    Former Google CIO Douglas Merrill has raised $73 million in funding toward his quest to reform payday lending with his new venture, ZestCash. Consumers with poor credit often turn to payday lenders to take out small, short term loans that result in high fees when borrowers are unable to repay the loans immediately. ZestCash loans are processed solely online and allow borrowers to set the amount and the terms of the loan based on a manageable weekly payment. TechCrunch has more on this new service being marketed to millions of unbanked consumers.

    POS biometrics
    Retailers have seen a notable increase in point-of-sale (POS) fraud losses in recent years. Approximately $40.7 billion in losses annually are attributed to disloyal or fraudulent employees, according to the Centre for Retail Research's Global Retail Theft Barometer. Over half of the retail businesses surveyed are still using the least secure method of password authentication. Fingerprint biometric authentication is being considered by many retailers as a viable solution to prevent fraud at POS systems, reports Help net Security.

    Zapped by hackers
    Hackers targeted Amazon-owned online shoe retailer Zappos and gained access to parts of its internal network and systems containing information on 24 million customers. Though company representatives said full credit card information was not compromised, the hackers who gained access through a Kentucky server stole billing and email addresses, the last four digits of credit cards, and scrambled passwords. Zappos has issued a warning to its customers to change their passwords, particularly on other sites where they may be using the same password, and to be on the alert for phishing emails and other signs of fraudulent activity. InformationWeek has the details.

    Searching for fraud
    The World Wide Web's first search engine was Archie (in no way associated with the comic book character), derived from the word "archive" without the v. Then came others like Yahoo, WebCrawler and Lycos. Now we search - or "Google" - using the most popular web-based search engine in the world. The criminal underground now has its own Google-style search engine that indexes and aggregates data about compromised cards and leads buyers to the best fraud shops for their needs. doesn't store card numbers or card holder information. It works by indexing the first six digits of compromised account numbers, which are the bank identification numbers, and provides users links to fraud vendors who offer cards issued by the corresponding bank. Krebs on Security has the details.

    Gift giving from the ATM
    Shopping for that perfect gift for a friend, loved one or coworker can be a daunting task. Gift cards have grown in popularity and are now available for almost any retail store, restaurant, coffee shop, movie theatre and in some cases professional services. Nearly $460 billion was loaded onto prepaid cards in 2011. You can drive to the merchant of choice to purchase a gift card or grab one from the "card mall" at your local supermarket - and you might soon be able to pick up a gift card at your local ATM. Machine-dispensed prepaid cards are being piloted by Better ATM Services in select markets. ATM Marketplace has the details.

    Playing with money
    Watch out Angry Birds - there's a new game in town! Financial firms are turning to games to attract and hold onto a younger generation of consumers. A free rewards program is being offered by SaveUp that allows users to link their savings and debt-bearing accounts to earn credits by making deposits or paying down debt. The credits earned can be redeemed for chances to win iPads, airline tickets, cars, scholarships and the top prize, a $2-million annuity. SaveUp can securely connect with nearly every financial institution in the US that provides online banking services. Reuters has the details.

    Updates, Patches and Alerts...
  • US-CERT: Current Activity
  • InfoWorld: Adobe plugs 6 critical holes in reader
  • Computerworld: Oracle to issue 78 patches, including 27 for MySQL
  • ZDNet: McAfee to plug spam hole this week
  • Techworld: PHP fixes hash collision DoS vulnerability in PHP 5.3.9
  • Join

    Paul Carrubba
    and Dan Fisher

    in a 2-hour
    LIVE Webinar

    Mobile Banking

    January 25, 2012

    Smart Phones and Wi-Fi availability are placing extreme pressure on financial institutions to keep up with the pace of change. It is no longer a matter of what to do as much as it is a matter of when to implement a mobile banking solution. Customers are mobile and you need to be too! Learn more about your mobile banking options and the legal and regulatory issues to consider in this information-packed two-hour webinar by Paul Carrubba and Dan Fisher.

    Can't attend?
    Order the CD ROM of the program now.
    Payment Card Industry Data Security Policy Template
    On the lighter side ...
    Today's generation can't fathom a world without mobile phones, computers, or the world wide web. But there are still a few of us Baby Boomers around that can remember life without the Internet.
    In the Banker Store
    CD ROM Training
    FFIEC Supplement to Authentication Guidance
    CD ROM Training
    Corporate Account Take-Over and Securing your Internet Banking Site
    CD ROM Training
    Is Your Bank Penetrable?

    Subscribe to Tech Talk and BOL Tech Advisories
      Archived Articles on Technology and eBanking
    You have access to archived Tech Talk pages and Tech Alerts on BankersOnline's
    Technology & eBanking Archive page.
    Plus, you'll find the latest technology and eBanking articles and guru Q&As there, too. You'll find many more related articles in our InfoVault.
      Support the vendors who support BOL!
    Through their advertising and sponsorships on BOL and BOL Vendor Connect, companies offering banking products and services help to make this site possible. When you're looking for a supplier, give your business to companies who support Find them now in Our Sponsors and BOL Vendor Connect.