As summer draws to a close, banking institutions and their customers face a new wave of targeted phishing attacks - and industry experts predict these incidents will only increase in the months ahead.
IT systems operated by governments, hospitals, financial institutions and other businesses averted catastrophe, for the most part, as Hurricane and then Tropical Storm Irene stormed through the Eastern seaboard over the weekend.
This $38 billion bank has invested a great deal of time and effort into its online security program, continuously conducting risk assessments and making strides to ensure commercial customers stay informed about evolving online-banking risks.
The FDIC is yet again a target for phishing, with fraudulent e-mails urging business owners to click malicious links purporting to provide FDIC information about their financial institution.
Phishing e-mails, feigning to be from the Internal Revenue Service, are reportedly targeting consumers with claims that tax accounts have been locked and require immediate action to reopen.
International collaboration, steeper convictions for those who are caught and government support for the cyberfight are fueling positive progress in the fight against cybercrime.
When it comes to social media, organizations have to be vigilant and consistent with risk assessments that closely monitor and evaluate emerging threats, says Andrew Kennedy of BITS.
"We're continually testing our controls and the effectiveness of our controls. We do a lot of emerging-threats monitoring ... so we can react," says First Niagara's Joe Rogalski.
A California judge handed down a 12-year prison sentence to a phisher who stole financial details from more than 38,000 online accountholders. Observers say the sentence signals a changing attitude about the severity of cybercrimes.
Corporate account takeover events are reigniting the debate between banks and their former commercial customers, about everything from fraud liability and the "good faith" standard to commercially reasonable security.
"The FFIEC guidance does a good job of addressing today's and yesterday's threats and suggested techniques, but it is not sufficiently forward-looking," says Gartner's Avivah Litan. "Two years from now, the guidance will be sorely out of date."
The Federal Financial Institutions Examination Council has formally released the long-awaited update to its "Authentication in an Internet Banking Environment" guidance. The new directives take effect January 2012.
"Simple passwords alone do not provide sufficient commercially reasonable security," says Jim Payne of fraud victim Choice Escrow. "Where is the principle of doing what is right and just?"
No one is really sure when the FFIEC's new authentication guidance will be issued, but we do know banking institutions can't afford to wait. Hence, our new FFIEC Authentication Guidance Resource Center.
Authentication expert Steve Dispensa says banking institutions need to realign their authentication infrastructures to include a mix of in-band and out-of-band measures.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.