Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Banking Fraud Sophistications Reaches New Levels

ValidSoft : 16 August, 2010  (Technical Article)
Zeus Trojan uses secondary information to gain more control over banking accounts as sophistication levels of such attacks continue to increase
As more details emerge regarding the $1m Zeus Botnet raid on UK bank accounts, it has become clear that the fraudulent attacks used are increasing in sophistication. While many Trojans will only steal login details and passwords, Zeus was able to retrieve enough secondary information to make transfers. ValidSoft, an online banking and fraud specialist, believes that not only is this type of attack predictable, it is preventable too.

Pat Carroll, CEO of ValidSoft, states that online banking channels have always been vulnerable to advanced fraudulent techniques because of their sole reliance on strong authentication, 'At ValidSoft we have been predicting attacks such as the Zeus Trojan since 2006 and expect such attacks to become more frequent and increasingly sophisticated. Customers are actively encouraged to take advantage of online channels but are unaware of how vulnerable they are to attacks like Man-in-the-Middle (MitM) and Man-in-the-Browser (MitB).'

'The high profile nature of this case has now made it absolutely mandatory that banks implement strong authentication coupled with transaction verification. Telephony based Out-of-Band (OOB) transaction verification is by far the most flexible, user friendly and effective way of combating MitM and MitB. By utilising mobile or landline telephones the user is able to confirm that transaction details displayed on screen are the same as the information that is actually being processed. Utilising OOB channels in this manner is the only way web users can be sure that a transaction has not been tampered with and is indeed the transaction originated by the legitimate parties.'
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo