|
|
|
 |
Lending Gurus
Operations Gurus
Security Gurus
Marketing Gurus
Technology Gurus
eBanking Gurus
|
What about the latest phishing attack?
Question: What About the Latest Phishing Attack?
Answer: For those that are not familiar with this, on Sunday, January 25, 2004, terrorists leveraging resources in Korea, and posing as United States government representatives, attacked our country in an attempt to undermine the security of our banking systems.
In this case, the terrorists used a method of attack called "phishing." Phishing uses fraudulent email messages and fraudulent websites to fool recipients into divulging personal authentication data such as account usernames and passwords, credit card numbers, social security numbers, etc. Because these fraudulent emails and websites look "official" many people are tricked into disclosing valuable information -- which results in financial losses and identity theft.
This latest phishing attack is one of the most aggressive ever seen. An email, which appeared to originate from the Federal Deposit Insurance Corporation, tells consumers that their banking accounts have been denied insurance from the FDIC due to suspected violations of the Patriot Act.
"As a result Department Of Homeland Security Director Tom Ridge has advised the Federal Deposit Insurance Corporation to suspend all deposit insurance on your account until such time as we can verify your identity and your account information. Please verify through our IDVerify below."
The attack last night was more than a generic network attack against a single network, it was an attack on our country and a blatant attempt to undermine the integrity of our financial systems. In this case, our reaction should be immediate neutralization of the threat. At the time I'm writing this, nearly 24 hours after the threat originated, the website in question is still active.
Are cyber attacks disguised as government messages, preying on some of our deepest anxieties, something that we have to endure until we can become more wary? Are security alerts and consumer education the only defense against these attacks?
I don't think so.
What is the right response to a specific act like this? We know where the threats come from and we have the technical and the physical means to stop these threats immediately.
So why don't we?
I propose two fixes, one in the short-term and the other longer term.
In the short-term, we should have a task force authorized to rapidly disable
threats either physically or technically.
Long-term, we should focus on consumer education and awareness. But until
that is in place, we need to focus and attack the threats as they appear.
The call to action? I am willing to do my part, whatever it takes, to build
a response plan that will effectively neutralize these threats as they
appear. Who else wants to step up?
SecurePipe
SecurePipe delivers a complete network security solution -- the expert staff, innovative technology and the examiner compliant processes you need to dramatically improve your security posture and reduce costs. SecurePipe makes strong network security affordable by delivering 24x7 managed network security at a fraction of the cost of doing it in-house. To learn more, contact us toll-free at 1-877-248-1632 or email sales@securepipe.com to arrange a FREE security assessment to learn how your financial institution can
benefit from managed security services.
First published on BankersOnline.com 2/2/04
Home | Compliance | Lending | Operations | Security | Marketing | Technology | eBanking
BOL Archives Privacy Policy Important Disclaimer Recommend This Site ! Contact Us
BankersOnline is a free service made possible by the generous support of our
advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all
banking professionals. Support our advertisers and sponsors by clicking
through to learn more about their products and services.
|
|
|
Print Friendly!
Email This Article!
Discuss NOW!