BANKERSONLINE.COM MAIN PAGE             Print Friendly Version!    Email This Article!    Discuss NOW!
March 2, 2012

Welcome to Tech Talk!
Here are the selections Tech Talk Editors George Milner and Teri Wesley have collected from this week's tech news:
  • $2.1M stolen with bogus fax
  • ATMs in small packages
  • Banking malware at your service
  • #1 on the charts - again
  • Mobile trojan makers indicted
  • Isis gets new partners
  • MC, money & mobile merge
  • Mobile app for SMBs
  • The forgotten password
  • Spam, Scams & Breaches
  • Updates, Patches and Alerts...
  • and on the lighter side...
$2.1M stolen with bogus fax
In what is both a sophisticated and yet simple social engineering attack, an unnamed fraudster successfully purloined $2.1 million from a hospital's Wells Fargo Bank escrow account with little more than a bogus faxed money transfer request. The thief accessed a copy of the hospital CFO's signature online and used it to perpetrate his fraud. Help Net Security has the story and more on how social engineering and some basic skills may be the only tools cyber criminals need to get access to your accounts.

Good ATMs come in small packages
They say the best things come in small packages. We're not sure who "they" are, but NCR Corporation has launched what they say is a proven cash dispenser (ATM) with high availability that is the smallest-ever SelfServ ATM. The SelfServ 14 ATM takes up minimal space but can run the full suite of APTRA software for easy integration and network management. Get the details at ATM Marketplace.

Banking malware at your service
Customer service is a financial institution's highest priority and today's technology provides us with greater tools for reaching out to consumers in "real time." Cyber criminals have discovered a way to use those same tools to infect banking users with malware. Security firm Trusteer is warning users about a disturbing new attack it's identified using the live chat feature now found on many banking and business websites. The cyber crooks lie in wait for unsuspecting victims to login online and then present them with fake messages informing them that “security checks” need to be performed and that a bank representative will assist them via live chat. Threatpost has the details. This is another alarming example of the growing sophistication of fraudsters who depend on the users' trust in their banks' security procedures.

#1 on the charts - again
In the music industry, performers strive to hit #1 on Billboard's top music charts in their genre. It's even better when a musician or group makes it to the top of that list twice. That's not the sentiment we share when it comes to cybercrime and identity theft. The FTC (Federal Trade Commission) reports that identity theft has once again hit the top of their charts as the number one complaint filed by U.S. residents in 2011, reports CSO. Business identity theft is another growing concern that has thus far been ambiguous and may often go unreported. Threatpost has more details on a trend that could be more commonplace than you - or your business customers - think.

Mobile trojan makers indicted
Authorities in France have arrested and indicted two men accused of allegedly developing a mobile trojan app used for stealing funds from Android users. The "Foncy" trojan is believed to have targeted over 2,000 Android users in European countries and Canada since it first appeared last year. Once victims' mobile devices were infected, the trojan would send SMS messages to premium rate numbers that were in turn charged to the users' accounts, reports Help Net Security.

Isis gets new partners
Three major players in the credit arena have joined mobile payments venture Isis this week in providing services for the Isis Mobile Wallet. Chase, Capital One and BarclayCard (representing about 100 million cardholders combined) will integrate their debit, credit and prepaid cards into the NFC-based mobile payments application. Kicking off in selected test markets in mid-2012, consumers will be able to load their eligible Chase, Capital One and Barclaycard cards into their Isis Mobile Wallets and shop at participating merchants. Computerworld has more on the joint venture that seeks to compete with Google Wallet and other leading mobile payments providers.

MasterCard, money & mobile merge
March winds are blowing mobile payments technology to the forefront this week as yet another major player launches mobile money services. MasterCard is partnering with mobile money providers Comviva, Sybase 365 and Utiba to bring mobile financial services to billions of underbanked consumers globally. The MasterCard "Mobile Money Partnership Program" will enable consumers in developing markets to make purchases, transfer funds, and pay bills using their mobile devices. Bank Systems & Technology has the details.

Mobile app for SMBs
The more the merrier - at least when it comes to the mobile payments market. JPMorgan Chase has its own plans for a mobile payments application to compete with Isis and other contenders. Marketing largely to business banking customers, JP Morgan's GoPago free payments app allows enables consumers to pay for goods or services from their smartphones and simply display the receipt for those purchases to the seller. Other benefits for businesses include the ability to offer personalized deals to users and setting up a merchant store. IT World has the details.

The forgotten password
A recent study conducted by Ping Identity revealed that online users are more protective of their Facebook password than any other. In an effort to increase security and reduce fraud, more complex password requirements have been instituted by banks and online retailers. The downside to this practice is that in their efforts to reduce the amount of complex passwords they need to remember, consumers are using the same password for multiple sites. Chances are good if a data thief gets ahold of your bank customer's Facebook credentials, they are likely going to be able to access their bank accounts as well. Help Net Security has more on Ping's study. Your online banking application should encourage your customers to use a unique password and require them to change it periodically.

Updates, Patches and Alerts...
  • US-CERT: Current Activity
  • MSNBC: Windows 8 first look - and first touch
  • TechWorld: Secunia hopes vendors are on board with repackaged security updates
  • Help Net Security: Cisco updates security certs
  • Join
    Paul Carrubba and Dan Fisher

    in a 2-hour
    LIVE Webinar

    Payment Processor Relationships - Revised Guidance

    April 10, 2012

    The FDIC's Financial Institution Letter (FIL-3-2012) on payment processor relationships instructs FDIC-supervised institutions to exercise additional care when establishing relationships with vendors that offer payment processing. Today's technology adds to the complexity of relationships and can be exploited by fraudsters if the appropriate level of due diligence and care is not applied by institutions. This webinar will provide a comprehensive review of all technology-related guidance recently issued and the components of a vendor outsourcing agreement.

    Can't attend?
    Order the CD ROM of the program now.
    Payment Card Industry Data Security Policy Template
    On the lighter side ...
    Many (well some) of us remember the 1960s animated sitcom, The Jetsons, that was set in a futuristic utopia of robots, space travel, and whimsical inventions. The premise of that show seemed so far-fetched at the time, but Nevada state residents are getting a preview of the future now.
    In the Banker Store
    CD ROM Training
    FFIEC Supplement to Authentication Guidance
    CD ROM Training
    Corporate Account Take-Over and Securing your Internet Banking Site
    CD ROM Training
    Is Your Bank Penetrable?

    Subscribe to Tech Talk and BOL Tech Advisories
      Archived Articles on Technology and eBanking
    You have access to archived Tech Talk pages and Tech Alerts on BankersOnline's
    Technology & eBanking Archive page.
    Plus, you'll find the latest technology and eBanking articles and guru Q&As there, too. You'll find many more related articles in our InfoVault.
      Support the vendors who support BOL!
    Through their advertising and sponsorships on BOL and BOL Vendor Connect, companies offering banking products and services help to make this site possible. When you're looking for a supplier, give your business to companies who support Find them now in Our Sponsors and BOL Vendor Connect.