26 September 2017
Michael Grillo

Michael Grillo

Michael Grillo - ACI Worldwide

9Posts 33,200Views 2Comments
A post relating to this item from Finextra:

FBI investigating 400 corporate account takeovers

16 September 2011  |  9198 views  |  0
The FBI is currently investigating over 400 reported cases of corporate account takeovers, where cyber crooks have used ACH and wire transfers to steal tens of millions of dollars from US businesses.

Staying 'fraud-aware' is critical

16 September 2011  |  3434 views  |  0

The news from the FBI does not come as a surprise given the tenacity of cyber criminals in their efforts to steal from businesses and consumers. The reference from the Department of Homeland Security that "the mission to reduce the cyber risks posed to the finance sector systems is a national endeavor, requiring broad collaboration" reinforces the need for financial institution to partner with customers on educating them on the dangers of these types of attacks.

Just yesterday I received an e-mail from Bank of America telling me my Online Banking privileges would be de-activated if I didn't renew my subscription. I have to say this e-mail looked extremely legitimate, until I read the smaller text and found a typo. Now I normally would never click through to a link from an e-mail but rather go directly to the site for any confirmed instructions around my account, however for some people this bogus phishing e-mail would have prompted them to follow its instructions. I did forward the e-mail to the bank (they have a dedicated abuse e-mail address) and they replied they were aware of the scam and trying to shut down the source.

Many banks will post any known threats on their site, so customers (businesses and consumers alike) should get to know where their financial institutions may be posting these bulletins to help heighten awareness.

These events reinforce the FFIEC's recent Supplement to its 2005 Guidance on Authentication in an Online Banking Environment. The Supplement calls for financial institutions to take a layered approach to authentication and anomaly detection for monitoring online banking transactional activity. Such an approach would include utilizing security tools like multi-factor authentication and limit management with a fraud prevention and detection solution which would include customer profiling and analytics to detect suspicious behavior. The Guidance also calls for authentication techniques, challenge questions, and customer education. Technology will always play a key role in the fight no doubt, but the financial community working together with its customers on awareness campaigns will continue to be critical.


Comments: (0)

Comment on this story (membership required)

Latest posts from Michael

The true cost of cash

05 September 2012  |  3420 views  |  0 comments | recomends Recommends 0 TagsMobile & online

Gives new meaning to 'open your wallet'

06 August 2012  |  3055 views  |  0 comments | recomends Recommends 0 TagsMobile & online

Personal fraud management: staying a step ahead

30 July 2012  |  2832 views  |  0 comments | recomends Recommends 0

Going cashless: the heat is on

30 July 2012  |  3058 views  |  1 comments | recomends Recommends 0 TagsMobile & online

The Tale of Two Travels

09 March 2012  |  2107 views  |  1 comments | recomends Recommends 0

Michael's profile

job title Senior Product Marketing Manager
location Boston
member since 2011
Summary profile See full profile »
Product marketing for ACI's financial crime management line of business.

Michael's expertise

Member since 2011
9 posts2 comments
What Michael reads
Michael's blog archive
2012 (5)2011 (4)

Who's commenting on Michael's posts