BANKERSONLINE.COM MAIN PAGE             Print Friendly Version!    Email This Article!    Discuss NOW!
April 13, 2012

Welcome to Tech Talk!
Here are the selections Tech Talk Editors George Milner and Teri Wesley have collected from this week's tech news:
  • 13 unlucky skimmers
  • Palm-reading at the ATM
  • Trojan targets payroll provider
  • Checking in with ZeuS
  • 750k potential ID theft victims
  • Taking a chance on e-banking
  • Close the door to fraud
  • Mobility for mid-tier FIs
  • It's open source for CFPB
  • Spam, Scams & Breaches
  • Updates, Patches and Alerts...
  • and on the lighter side...
13 unlucky skimmers
Thirteen was the unlucky number for a group of skimmers targeting Las Vegas ATMs. Thirteen California residents have been arrested and indicted on charges of conspiracy and aggravated identity theft for their roles in a two-year card skimming operation. Using skimmers and pinhole cameras installed on numerous Chase Bank ATMs in the Las Vegas region from November 2009 to November 2011, the thieves collected stolen data that was used to create fake credit cards. BankInfoSecurity has the details and more on other card fraud cases that highlight the need for increased security to protect cardholders and their accounts.

Palm-reading at the ATM
Some people are superstitious by nature and others turn to astrology and palm readers for a glimpse into their future. A Japanese bank is turning to palm reading for identity verification at its ATMs. With the slogan "You are your cash card," Ogaki Kyoristu Bank announced the upcoming installation of palm scanners to replace cash cards on machines at ten bank branches, two mobile banks and a drive through ATM. Users will be able withdraw or deposit cash and check their balances by placing their hand on a scanner and entering their birthday plus a PIN. IT World has the details.

Trojan targets payroll provider
Customers of a Canadian payroll service provider are the unlucky targets of the malicious ZeuS malware. Researchers from security firm Trusteer have discovered yet another variation of the ZeuS banking trojan that pilfers user IDs, passwords and company numbers when corporate users log in to Ceridian, a Canadian provider of cloud payroll services. When unsuspecting users log in to the image-based verification system on infected computers, the malware takes screenshots of their answers and their chosen security icon, providing that information to the thieves. IT World has the details on this latest attack targeting financial enterprises.

Checking in with ZeuS
Airline companies profits will drop today as many travelers won't fly on Friday the 13th due to the superstition rooted in ancient bad-luck associations with the number 13 and the day Friday. But it doesn't have to be Friday the 13th for some travelers to have the misfortune of being targeted by the ZeuS banking trojan. In March, US Airways travelers received emails with a link for online reservations and online check in. But the flight the victims checked into was piloted by the ZeuS malware and redirected users to malicious code delivered via the Blackhole exploit kit, reports SC Magazine.

750k potential victims of ID theft
A data breach targeting a server at the Utah Department of Technology Services has compromised the Social Security numbers and other personal information of more than 750,000 individuals. Believed to be the work of Eastern European hackers and the largest breach in Utah's history, Social Security numbers of about 280,000 Medicaid and CHIP (Children's Health Insurance Plan) recipients were accessed from the server. The "lucky" victims had only their names, addresses and dates of birth stolen by the criminals. All of those affected by the breach have been offered free credit monitoring for a year and have been warned about potential phishing attempts by email or phone. Help Net Security has the story.

Taking a chance on online banking
Results of a survey released by mobile technology and security provider Entersekt revealed that most consumers believe their personal information will be breached at some point. Of the 1,000 consumers polled, 41% feel that online banking and shopping is like playing Russian roulette. While men and women differed in their attitudes toward online banking and shopping, 70% of all consumers said they would switch banks because of lack of security and 78% were in favor of banks providing more robust security measures. Help Net Security has more on consumers' perceptions of online and mobile banking.

Close the door to fraud
Lucky or unlucky, superstitious or not, most people don't leave their valuables unprotected or leave the door to their homes open and unlocked when they go out. Securing personal computers and mobile devices, and protecting login credentials, ranks right up there - and in some cases higher - on their list of risks. A survey of 1,637 Internet users (over the age of 18) conducted by internet security provider Webroot found consumers recognize the risks of conducting personal business online, sharing passwords, and using email. They place significant value on digital devices and are becoming more savvy about their safety when using them. Help Net Security has more results from the survey.

Mobility for mid-tier FIs
Monitise, the global provider of mobile banking, payments and commerce networks, is extending a helping hand to mid-tier regional and community banks and credit unions with its newest mobile banking platform, Clairmail Plus. In response to low adoption rates for mobile banking within these markets, Clairmail Plus is designed to provide an accessible and affordable mobile solution that meets the needs of smaller and underserved mid-tier financial institutions and their customers. Banking Technology has the details.

It's open source for CFPB
The new Consumer Financial Protection Bureau (CFPB) has adopted an open door policy regarding the use of open source software. Open source software enables people and agencies to share their contributions with others for mutual benefit. Software designed for open source use is often offered free to users and the CFPB state in its announcement that software they build or contract with a third party will be made available to the public at no charge. TechCrunch has the details.

Updates, Patches and Alerts...
  • Help Net Security: Microsoft released six comprehensive security updates
  • CNET: Acrobat and Reader updates close security vulnerabilities
  • Krebs on Security: Urgent fix for zero-day Mac Java flaw
  • Help Net Security: 0-day in Backtrack Linux found, patched
  • ALERT: Help Net Security: Microsoft warns of targeted attacks exploiting Windows flaw
  • Join
    Susan Orr

    in a 2-hour
    LIVE Webinar

    Technological Advances to Improve Security: What's Available?

    May 25, 2012

    The technology age has brought a plethora of products and services that have changed how we live, work, and play. Look at the technology and processes your institution has implemented: Websites, email, online banking, bill payment, merchant capture, mobile banking, and more! These technological advances come with increased risks and the need for security and monitoring. This presentation will provide an overview of some of the products and services available to help financial institutions improve security, reduce risks, and increase productivity.

    Can't attend?
    Order the CD ROM of the program now.
    Payment Card Industry Data Security Policy Template
    On the lighter side ...
    Out with the old, in with the new is a popular New Year's sentiment that applies to technology as well. How many of these "old" tech sounds do you remember?
    In the Banker Store
    CD ROM Training
    When Social Media Attacks
    CD ROM Training
    Payment Processor Relationships - Revised Guidance
    CD ROM Training
    Is Your Bank Penetrable?

    Subscribe to Tech Talk and BOL Tech Advisories
      Archived Articles on Technology and eBanking
    You have access to archived Tech Talk pages and Tech Alerts on BankersOnline's
    Technology & eBanking Archive page.
    Plus, you'll find the latest technology and eBanking articles and guru Q&As there, too. You'll find many more related articles in our InfoVault.
      Support the vendors who support BOL!
    Through their advertising and sponsorships on BOL and BOL Vendor Connect, companies offering banking products and services help to make this site possible. When you're looking for a supplier, give your business to companies who support Find them now in Our Sponsors and BOL Vendor Connect.