Last year there were hundreds of cyber fraud incidents that struck banks and put consumers’ personal data at risk, even though the one involving Target stole the scenes. These crimes included payment card skimming, denial-of-service and web app tampering.
As we’ve discussed, security is a top concern for banks at the board level. It’s not that the criminals are particularly bright and that’s why they’re causing so many problems, but rather, security for banks just cannot keep up with the volume and type of attacks. Security can also be under-resourced and/or putting too much of its attention in the wrong places.
A web app attack is the interference of web applications, (such as sending a phishing e-mail ) that tricks the recipient into revealing their banking information. Another example is cracking passwords.
Web attacks are ubiquitous and can be conducted by mediocre-skilled crooks, hunting for the user names and passwords of online banking customers. Banks are responding by beefing up verification processes for their customers rather than relying on just the one-step authentication.
The denial-of-service attack is the second big threat upon banks, when malicious traffic is heaped upon the institution’s web server to disrupt site operation. A malfunctioning site turns off customers—including potential customers. But a DDoS attack can also be launched to divert attention away from another planned attack that actually steals data.
Payment card skimming hits banks hard. The crook puts a phony card reader over the card-swiping device to collect the card’s data off its magnetic strip. The thief will then create phony ATM cards.
The skimming tool can be made at home with a 3D printer—and the cost of the printer can very quickly be recovered with fraudulent use of the phony cards. Skimmers are not traceable, putting a lot of load on bankers’ backs. The fact that some ATMs are remotely located doesn’t help.
There’s still room for the criminals to become savvier, joining forces and sharing ideas, getting organized etc. However, many still remain solitary, which enhances their ability to go undetected.
As renowned security expert Bruce Schneier recently said “Security is now about resilience – it’s not about defense. Banks must up their security awareness, and have a plan in place to respond quickly and thoroughly should there be a breach.
Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
- ATM Fraud Increases Identity Theft Risk
Robert Siciliano Identity Theft Expert A spate of recent news reports highlight growing ATM fraud. Law enforcement in New York City reported a gang had stolen $500,000 from bank accounts via ATM skimming. They installed cameras and skimming devices on the machines, and recorded the magnetic strips and the PIN numbers. A recent survey points towards ATM
- Hackers hacking Banks big time
“Anonymous” is an activist hacking group that has recently boasted that it will engage in 30 days of cyber assaults against “all central banks,” reports an article on cnbc.com. And their bite is as big as their bark, as this announcement came soon after several major banks around the world were struck—and Anonymous proudly claimed credit.
- Skimming Big Business targeting Big Business
Skimming means more than just cutting fat off steak; it’s also when a thief obtains data from that magnetic strip on the back of your credit card (or debit or ATM card). The thief records and copies this data with a counterfeit card reader onto a blank card’s strip, and then makes purchases or cash withdrawals
- A Viable Solution to Wave of Skimming and Point of Sale Attacks
Officials are reporting a wave of credit and debit card attacks targeting point of sale swapping, skimming of card data, and hacking into payment processors. Reports say the U.S. Secret Service, among others, are in the process of investigating a multistate crime spree. The Oklahoma Bankers Association commented, “It is beyond apparent our bankers are taking
- Before Getting Rid of Your Old Printer, Say “Goodbye” to Lingering Data
In the security business, there’s a lot of talk about protecting your smartphones and computers from malware and viruses, as well as loss and theft. It makes sense. Most of us use our smartphones and computers on a daily basis and keep important information on them like passwords, user names, and credit card numbers. But