Banks Require Thwarting more-and-more Cyber-Assaults; Jorge Solis
According to Senior Vice-President of Security Jorge Solis of First Midwest Bank in Illinois, banks require to increasingly thwart computer hackers' attacks that target their business clients for attempting at carrying out fake funds transfers online unlike what they did earlier. Computerworlduk.com published this on November 11, 2011.
Solis, who is in-charge of the bank's security at its Itsaca branch, says that within the banking sector, the cyber attacks occur nearly everyday. First Midwest Bank has observed Internet crimes against its own institution wherein hackers' attacks enable them to initiate fraudulent funds transfers or similar payments. Thus, speedy foiling of them is necessary, as bank transactions along with wire-transfers by the automated clearinghouse ACH occur rapidly, states Solis.
Computer hackers aim at transferring huge sums to other accounts followed with stealing those amounts while effectively bypassing security safeguards like impregnable two-factor password validation of a token form, Solis explains.
Moreover, the attackers frequently employ the ZeuS Trojan for intercepting users' login details by monitoring their keystrokes, Solis states. Eweek.com reported this on November 11, 2011. A family of malicious Trojans, the ZeuS that the banking sector encounters most frequently can execute man-in-the-middle assaults by displaying fake websites for intercepting customers' keystrokes when the users initiate any banking transaction.
Indeed, an end-user may successfully acquire access to the net-banking website, but ZeuS may simply make him think he's on the intended site, while actually trick him to input his information for the transaction onto the scammers' own crafty splash web-page, Solis explains.
And despite the end-user conducting net-banking using the two-factor validation, the man-in-the-middle assault may work out effective. For, no sooner he might feed in the password that is obtained from the token two-factor validation, into the scammers' splash web-page, the cyber-criminals will intercept and utilize it for loading their malware onto the actual net-banking site and thereby manage in executing unauthorized wire-transfers. Solis explains that the attacks occur in simultaneous actions of the net-banking user and the attacker, observing that the special two-factor validation password, which hardware usually produces, can be used only for a time-span of 3-secs to 2-mins.
Related article: Bank Issues Spam Alerts
» SPAMfighter News - 21-11-2011