25 October 2014

Identity Theft Expert

Robert Siciliano - IDTheftSecurity.com

521 | posts 1,326,428 | views 59 | comments

ATM Skimming, Cyber Fraud Keep Bankers up at Night

13 June 2014  |  1629 views  |  0

Last year there were hundreds of cyber fraud incidents that struck banks and put consumers’ personal data at risk, even though the one involving Target stole the scenes. These crimes included payment card skimming, denial-of-service and web app tampering. 

 

As we’ve discussed, security is a top concern for banks at the board level. It’s not that the criminals are particularly bright and that’s why they’re causing so many problems, but rather, security for banks just cannot keep up with the volume and type of attacks. Security can also be under-resourced and/or putting too much of its attention in the wrong places.

A web app attack is the interference of web applications, (such as sending a phishing e-mail ) that tricks the recipient into revealing their banking information. Another example is cracking passwords.

Web attacks are ubiquitous and can be conducted by mediocre-skilled crooks, hunting for the user names and passwords of online banking customers. Banks are responding by beefing up verification processes for their customers rather than relying on just the one-step authentication.

The denial-of-service attack is the second big threat upon banks, when malicious traffic is heaped upon the institution’s web server to disrupt site operation. A malfunctioning site turns off customers—including potential customers. But a DDoS attack can also be launched to divert attention away from another planned attack that actually steals data.

Payment card skimming hits banks hard. The crook puts a phony card reader over the card-swiping device to collect the card’s data off its magnetic strip. The thief will then create phony ATM cards.

The skimming tool can be made at home with a 3D printer—and the cost of the printer can very quickly be recovered with fraudulent use of the phony cards. Skimmers are not traceable, putting a lot of load on bankers’ backs. The fact that some ATMs are remotely located doesn’t help.

There’s still room for the criminals to become savvier, joining forces and sharing ideas, getting organized etc. However, many still remain solitary, which enhances their ability to go undetected.

As renowned security expert Bruce Schneier recently said “Security is now about resilience – it’s not about defense.  Banks must up their security awareness, and have a plan in place to respond quickly and thoroughly should there be a breach. 

 

	data theft TagsSecurity

Comments: (0)

Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Latest posts from Robert

5 ways Criminals hack your PC

5 hours ago  |  339 views  |  0  |  Recommends 0 TagsSecurity

2 Ways to Prevent Military Identity Theft

24 October 2014  |  399 views  |  0  |  Recommends 0 TagsSecurity

3 Stupid Simple Tips to protect your Identity

22 October 2014  |  719 views  |  0  |  Recommends 0 TagsSecurity

6 Ways to prevent Social Engineering Attacks

14 October 2014  |  626 views  |  0  |  Recommends 0 TagsSecurity

7 ways to prevent Data Theft when traveling

10 October 2014  |  629 views  |  0  |  Recommends 0 TagsSecurity
name

Robert Siciliano

job title

Security Analyst

company name

IDTheftSecurity.com

member since

2010

location

Boston

Summary profile See full profile »
Security analyst, published author, television news correspondent. Deliver presentations througho...

Robert's expertise

Who is commenting on Robert's posts

Otmane EL RHAZI
Ketharaman Swaminathan
Boris Taratine
Michael Rosenstein
Fred Pyziak
Matt Scott
Paul Love
Mike McCormack