Welcome to Finextra. We use cookies to help us to deliver our services. We'll assume you're ok with this, but you may change your preferences at our Cookie Centre.
Please read our Privacy Policy.

Accept
Channels
Blog article
See all stories »

Channels

Security Regulation & Compliance

Group

Information Security
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

An article relating to this blog post on Finextra:

New York ATM skimming gang steals $500,000

New York police are on the hunt for a gang of thieves accused of using ATM skimming technology to steal account details and PIN numbers before withdrawing over $500,000.

See article

Thinking and Awareness Needed to Stop Crime, Not Just Tech

Recently, a targeted crime spree hit Staten Island with 250 Sovereign Bank customers caught up in a never-ending technological arms race between criminals and the rest of us.  This time it wasn’t the latest hacker sitting at a far away computer in the middle of the night.  Rather it was a small gang that used skimming technology and video cameras to compromise the accounts and make off with over $500,000. But for the alertness of Microsoft "evangelist", Sean Siebel who spotted the scam while doing his own personal banking, it probably would have been millions lost before detection.

According to banks, skimmers are rarely spotted in the wild, yet after seeing Sean on the news, another New Yorker spotted another skimmer at a Chase branch. The branch manager hadn't heard of the scam.

We see national news headlines about breaches and individual customer information being stolen by faceless entities in far-away lands.  We assume these scams require tech prowess and amazing skill, but it usually turns out to be as simple as a mirror and hidden video camera. Many times the response to these attacks is to add more features and functionality to our technology.  In the case of credit cards, the focus has been on Chip and PIN, especially in Europe. Soon, even more sophisticated 2-factor authentication is coming through cards with built-in single use PIN generators.

Unfortunately, as this story shows, even the most advanced technology is easily subverted by cheap tools you could purchase at Best Buy or download for free, together with a small amount of ingenuity. The problem is that we place too much trust in the technology, and not enough in being alert, observant and careful. In fact, the more we rely on technology to do our thinking for us, the more complacent and vulnerable we become.

The lesson: if your security approach is purely based on a better technology mousetrap, you are a breach waiting to happen. Don't forget to educate your people, understand the risks you face, and always assume that the criminals will find a way around whatever technology barriers you erect.

5442

Channels

Security Regulation & Compliance

Group

Information Security
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Report abuse

Comments: (0)

Join the discussion
Blog group founder

Member since

0

Location

0

More from member

This post is from a series of posts in the group:

Information Security

The risks from Cyber cime - Hacking - Loss of Data Privacy - Identity Theft and other topical threats - can be greatly reduced by implementation of robust IT Security controls ...

See all
Community
See all blogs »
Fintech 

How innovation in encryption is helping secure the credit card approval process

Ghazi Ben Amor

Ghazi Ben Amor

Operational Risk Management 

DORA – Navigating the EU’s Operational Resilience Landscape

Antony Fung

Antony Fung

Fintech 

The importance of risk management in trading

Kate Leaman

Kate Leaman

Digital Identity Management 

Navigating the digital identity landscape: A blueprint for financial services competitiveness

Adam Preis

Adam Preis

Now hiring

See more