Asian Banks at Greater Risk of Phishing Frauds
A study entitled, "State of Online Security in Financial Institutions in Asia -2008", by software specialist ReadiMinds revealed that more than 25% of banking institutions in Asia were victims of phishing over the past year (June 2007-May 2008).
The survey, which was conducted in June 2008, covered Taiwan, Hong Kong, Singapore, Indonesia, Malaysia, Philippines, Thailand, Sri Lanka, Bangladesh, Cambodia and Vietnam concentrated on problems relating to phishing that lead to identity theft and financial frauds on the net.
The researchers explained that in phishing frauds, particularly relating to banks, consumers receive a legitimate looking e-mail that asks to verify personal information for a reason that their bank want to protect the recipient's Internet bank account that could be accessed with a wrong password. But, when a user clicks on the link for the so-called account verification, he is taken to a spoofed bank Website that is malware loaded.
It is often difficult to identify the competent phishing sites as phishers seize the logos and other symbols of the banks as well as copy their Website designs so accurately that users hardly doubt when they divulge their password and login details to a criminal.
Meanwhile, Dave Marcus, Security and Research Manager at McAfee, a security software developer, said that phishing techniques are becoming more and more sophisticated. Perpetrators nowadays run their activities like businesses and employed salaried people who not only include program developers, but also professional malware writers, as reported by CBC on June 25, 2008.
Researchers at ReadiMinds further revealed that fraud prevention and identity management; risk management; disaster recovery and regulatory compliance are the prime security issues on the agendas for the Asian banks in 2008 owing to the growth of phishing frauds.
However, awareness programs along with the use of new technology do not necessarily prove that banks are fully prepared against online theft of identities and phishing related frauds. The study found that merely 20% of banks actually possessed an official plan for raising consumer awareness about such security issues. Also, over 60% of banks continue to lack a readily flowing budget for keeping online transactions secured.
» SPAMfighter News - 15-07-2008