$2.1M stolen with bogus fax|
In what is both a sophisticated and yet simple social engineering attack, an unnamed fraudster successfully purloined $2.1 million from a hospital's Wells Fargo Bank escrow account with little more than a bogus faxed money transfer request. The thief accessed a copy of the hospital CFO's signature online and used it to perpetrate his fraud. Help Net Security has the story and more on how social engineering and some basic skills may be the only tools cyber criminals need to get access to your accounts.
Good ATMs come in small packages
They say the best things come in small packages. We're not sure who "they" are, but NCR Corporation has launched what they say is a proven cash dispenser (ATM) with high availability that is the smallest-ever SelfServ ATM. The SelfServ 14 ATM takes up minimal space but can run the full suite of APTRA software for easy integration and network management. Get the details at ATM Marketplace.
Banking malware at your service
Customer service is a financial institution's highest priority and today's technology provides us with greater tools for reaching out to consumers in "real time." Cyber criminals have discovered a way to use those same tools to infect banking users with malware. Security firm Trusteer is warning users about a disturbing new attack it's identified using the live chat feature now found on many banking and business websites. The cyber crooks lie in wait for unsuspecting victims to login online and then present them with fake messages informing them that “security checks” need to be performed and that a bank representative will assist them via live chat. Threatpost has the details. This is another alarming example of the growing sophistication of fraudsters who depend on the users' trust in their banks' security procedures.
#1 on the charts - again
In the music industry, performers strive to hit #1 on Billboard's top music charts in their genre. It's even better when a musician or group makes it to the top of that list twice. That's not the sentiment we share when it comes to cybercrime and identity theft. The FTC (Federal Trade Commission) reports that identity theft has once again hit the top of their charts as the number one complaint filed by U.S. residents in 2011, reports CSO. Business identity theft is another growing concern that has thus far been ambiguous and may often go unreported. Threatpost has more details on a trend that could be more commonplace than you - or your business customers - think.
Mobile trojan makers indicted
Authorities in France have arrested and indicted two men accused of allegedly developing a mobile trojan app used for stealing funds from Android users. The "Foncy" trojan is believed to have targeted over 2,000 Android users in European countries and Canada since it first appeared last year. Once victims' mobile devices were infected, the trojan would send SMS messages to premium rate numbers that were in turn charged to the users' accounts, reports Help Net Security.
Isis gets new partners
Three major players in the credit arena have joined mobile payments venture Isis this week in providing services for the Isis Mobile Wallet. Chase, Capital One and BarclayCard (representing about 100 million cardholders combined) will integrate their debit, credit and prepaid cards into the NFC-based mobile payments application. Kicking off in selected test markets in mid-2012, consumers will be able to load their eligible Chase, Capital One and Barclaycard cards into their Isis Mobile Wallets and shop at participating merchants. Computerworld has more on the joint venture that seeks to compete with Google Wallet and other leading mobile payments providers.
MasterCard, money & mobile merge
March winds are blowing mobile payments technology to the forefront this week as yet another major player launches mobile money services. MasterCard is partnering with mobile money providers Comviva, Sybase 365 and Utiba to bring mobile financial services to billions of underbanked consumers globally. The MasterCard "Mobile Money Partnership Program" will enable consumers in developing markets to make purchases, transfer funds, and pay bills using their mobile devices. Bank Systems & Technology has the details.
Mobile app for SMBs
The more the merrier - at least when it comes to the mobile payments market. JPMorgan Chase has its own plans for a mobile payments application to compete with Isis and other contenders. Marketing largely to business banking customers, JP Morgan's GoPago free payments app allows enables consumers to pay for goods or services from their smartphones and simply display the receipt for those purchases to the seller. Other benefits for businesses include the ability to offer personalized deals to users and setting up a merchant store. IT World has the details.
The forgotten password
A recent study conducted by Ping Identity revealed that online users are more protective of their Facebook password than any other. In an effort to increase security and reduce fraud, more complex password requirements have been instituted by banks and online retailers. The downside to this practice is that in their efforts to reduce the amount of complex passwords they need to remember, consumers are using the same password for multiple sites. Chances are good if a data thief gets ahold of your bank customer's Facebook credentials, they are likely going to be able to access their bank accounts as well. Help Net Security has more on Ping's study. Your online banking application should encourage your customers to use a unique password and require them to change it periodically.
Updates, Patches and Alerts...
US-CERT: Current Activity
MSNBC: Windows 8 first look - and first touch
TechWorld: Secunia hopes vendors are on board with repackaged security updates
Help Net Security: Cisco updates security certs