Skip to content
Tips for Tech

Tech Alert Briefing for 12/21/2007

December 21, 2007
Update covering December 14 - December 20, 2007

Welcome to Tech Talk! In this edition, BOL Gurus John Burnett and Andy Zavoina write about victims, "bricked" laptops, IE updates, and more.



You'll read about:

  • huge fishing growth
  • HP/Compaq woes
  • another big Apple update
  • a Trojan attack via Google ads
  • problems with IE patches
  • a revised IT spending forecast
  • a new way to read BlackBerry logs
  • holiday homework
  • a big fine for gambling ads
  • plans for a new Internet Explorer
  • an advance look at XP SP3
  • tricked-out browsers
  • the UK's embarrassing breaches
  • US-CERT's latest vulnerabilities list

Get the details below.

Beware of Phishing and Pharming
According to the Anti-Phishing Working Group, phishing attacks reached an all-time high last year. Designed specifically to educate and assist financial institutions, Harland Financial Solutions? Phishing Response Kit provides a detailed checklist and directives to help institutions respond in the event of a phishing scam. Download the complete kit here.

Training on CD-ROM
Remote Deposit Capture:
Images or ACH?

Insider Tips:
Network & Internet Security

Order Now

Patch & Vulnerability

Order Now
Phishing Victims Up 57%
A recent survey by IT research and advisory company Gartner, Inc. reveals that more than 3.5 million U.S. adults were hit by phishing scams and ID theft in the 12 months ending in August 2007, up 57% over the previous year. In the Computerworld article, a Gartner analyst accuses U.S. banking regulators of being "asleep at the wheel" on the issue. The changing cycle of methods used by phishers and other scam artists makes it harder for consumers to recognize malicious emails and ads.

HP, Compaq Laptops Vulnerable
"PorkyThePig," a Polish security researcher, has pointed out ActiveX weaknesses caused by HP's software updates. The vulnerability allows kernel files to be corrupted so the laptops won't boot. The Computerworld article has more on the operating systems found deficient as well as other fallout from the problem.

Another Big Apple Update
Apple released its second huge update in as many months early this week. It addressed 41 weaknesses in Mac OS X and another in the beta version of its Windows browser. According to the Computerworld article, at least 17 of the vulnerabilities targeted by the update would be classed as "critical" if Apple were to rank them.

Google Ad a Trojan?
BitDefender is reporting that a new Trojan can replace Google Adsense text ads. These ads are sometimes hard to tell from web page content. Because Google is a trusted source, it may be time to caution your web users. The Trojan modifies the user's Hosts file which contains IP address and domain name data used to find resources on a network. That allows the Trojan to redirect the ad to any other site. Google is actively trying to remove malware sites. Read moreat InformationWeek.

Update Stops IE
Microsoft is investigating reports that last week's security updates have created problems for some users and their ability to browse the web with Internet Explorer.Some users are having problems with pop-up windows advising them that a problem was encountered and IE needed to close, while others encountered the problem when the program was loading. IE 6 and 7 users are having problems. PCWorld has the story and links on the problems. There's also a follow-up story on a work-around from Microsoft.

IT Spending to Slow in 2008
Forrester Research is rethinking its October report on IT spending. With the U.S. economy slowing, they now predict that instead of an increase, there will be a decline in technology spending at least for the first three quarters. The better news is that spending should increase in the fourth quarter and into 2009. PCW Business Center has more on this story.

BlackBerry Trails
Security software developer Gwava is introducing a product that will allow IT administrators to better monitor BlackBerry usage. It will run on the back end and won't require any client software. The BlackBerry Enterprise Server already logs sent and received email and text messaging, but its logs can be difficult to read. The Gwava software is meant to make it easier.PCW Business Center has more.

Working Through the Holidays
Many bankers take work home with them during the holidays because the workflow doesn't take a vacation. IT has to run 24x7 to support the bank so there is absolutely no real holiday there. But how many people actually plan to do some work over the holidays? ConnectIT tells us 74 percent will do so in their article, quoting a survey by InterCall. They have more stats too. Would you believe 6 percent of the respondents say they work in bed?

Paying for Gambling is a Sure Thing
You may have read about the proposed banking regulation on internet gambling. A related story is brought to us by Reuters, which reports that Microsoft, Google and Yahoo have agreed to a $31.5 million settlement tied to accusations that they promoted internet gambling in ads on their web pages. The settlement involves cash to the U.S. government and millions of dollars in public service announcements advising people that internet gambling is illegal.

IE 8 in 2008
If you're dealing with IE problems and hoping for an upgrade, it won't happen real soon. Microsoft has the release of Internet Explorer 8 Beta 1 set to be released sometime during the first half of 2008. Improvements are expected in the way IE handles cascading >PCWorld has more on the planned beta release.

Is your region hit by holiday scams?
Malicious e-postcards? Phony shopping sites? Coupon scams? Vote on the BOL home page to help us compile a list of the scams our readers see. Thanks for participating!
Service Pack 3 for XP
Microsoft scheduled the release of Service Pack 3 (Release Candidate) for Windows XP users for Wednesday night, December 19th. The Download Center version is 580 megabytes but the Windows Update version is a much more compact 70 megabytes. While SP-3 is aimed at improving the XP operating system, Microsoft is quick to say that Vista is the most secure OS. The final version of the SP3 upgrade won't be ready until sometime next year. You can read more at PCWorld.

Firefox Tricks You May Want
Firefox allows a lot of customization. Computerworld has 15 of the best Firefox tweaks that you may want to enhance your browsing experience. From building your own Firefox search engine, to protecting your privacy, to moving the sidebar to the right, these tweaks help make Firefox your own, or may be a corporate-wide change you want to make. There is a link to IE tweaks, too.

Trouble Across the Pond
The British government is having more than its share of data breaches this year. Several weeks ago, the government lost computer disks with names and bank account information on 25 million individuals (about half the country's population!) On Monday, December 17, the government disclosed that an Iowa contractor lost data on 3 million "learner drivers." The contractor, which reported the loss of the data to British officials in May, said that no bank account information was involved. You'll find more information in the Computerworld article.

In a possible case of the "pot calling the kettle," the UK's Financial Services Authority slapped an insurance company with a hefty fine for lax customer information security practices that resulted in 74 losses totaling $6.6 millon. According to the TechWorld article, Norwich Union failed to put additional security in place even after realizing it had a problem.

58 Make Latest US-CERT List
The US-CERT Vulnerability Summary for the Week of December 10, 2007, lists 17 High and 40 Medium vulnerabilities and 1 Low severity weakness. High severity security faults were reportedin several HP and Microsoft products, and others.

Subscribe to Tech Talk and BOL Tech Advisories
Archived Articles on Technology and eBankingYou have access to archived Tech Talk pages and Tech Alerts on BankersOnline's Technology & eBanking Archive page.
Plus, you'll find the latest technology and eBanking articles and guru Q&As there, too.You'll find many more related articles in our InfoVault.

First published on 12/20/2007

Briefing type: 

Banker Tools View All

A collection of useful resources for various areas of the bank which have been developed by members of the BankersOnline staff or have been created and contributed by users of the BankersOnline site.

Banker Tools

Penalties View All

Banker Store View All

From training, policies, forms, and publications, to office products and occasional gifts, it’s available here:

Banker Store

hot right now

image description

Looking for effective, convenient training on a particular subject?

BOL Learning Connect offers more than 200 courses ON-DEMAND or on CD ROM from AML to Reg Z and every topic in between.

Search Briefings

Briefing Archives