Security Flaw Puts HSBC Customers At Risk
Researchers from Cardiff University relate the possibility of hacking into a HSBC account within nine attempts. HSBC, one of UK's highest rated banks has discovered a glaring security loophole, which has resulted in exposing millions of online bank accounts to fraudsters. This drawback in HSBC's online banking system has left UK's 3.1 million customers, vulnerable to online attack. As described by one computing expert the lapse is 'scandalous'.
The researchers claim that it is possible to break into any account with HSBC by the use of key logging technologies enabling to acquire the necessary entry details. The researchers demonstrated that even without hacking or even illegally entering into the system, an attacker could collect all the required information to hack any customer account.
Once the keylogger software gets installed on a computer, the hacker can get to know the keystrokes employed on it, which enables him reach out to the information required for logging onto online account. The researchers inform that this vulnerability could stay for at least two years.
According to Professor Antonia Jones, leader of the research team, customers are at risk so long as the flaw exists. He further adds that it is pretty scandalous for banks making large profits out of the customers but not protecting them.
However, HSBC has returned the researchers' claim of the vulnerability of the bank's online service by stating that its 3 million customers were not at any risk. A bank spokesman said that the loophole wasn't a viable way for a hacker to steal and that till now fraudsters have not used it. He also admitted that the bank would now take different steps in doing things.
Banks' systems are not fully secure and even if a flaw were patched it would still not ensure online banking users completely safe from criminals. Online fraud attacks do not depend on technology flaws rather it thrives because of carelessness by the users.
Thus the onus of safe Internet transactions lies on the users for being aware of the existing risks and tackling them meticulously.
Related article: Securities Push Up A Must For Web Companies
» SPAMfighter News - 29-08-2006