Heise Finds Fault With Banks’ Security
'Heise Security', an online security company has blamed online banks for shrugging responsibility of avoiding phishing scams for the benefit of their customers. The company has picked four online banks that have not secured their sites despite being cautioned about serious security problems over a month back.
'Heise Security' cited 'Cahoot', 'Bank of Scotland' and 'First Direct' as those banks that did not care to secure their banking websites from fraudsters, even though it alerted them about the problem. In September, the security firm indicated how the sites of six banks were vulnerable to criminals' spoofing and theft of the users' identities.
Some banks have taken positive steps after the warning and improved their sites. 'Natwest' is one of them but the chances of attack are still there. Others seem to have become immune to the problem and did not make any changes to their Websites. They shifted the burden to stay clear of phishing scams entirely on the customers.
Heise declared that it was possible to insert a fake page into the banks' websites, which would appear so real that customers simply won't be able to detect anything wrong. Customers would be led to enter their security details such as usernames and passwords, which the miscreants then access. This is what is called a 'phishing scam'.
Heise reasserted action against the problem after which all the banks were quick to fix the problem and informed customers about it. Rob Skinner at 'First Direct', a HSBC part, said that they were updating their security and was sure no one had lost out.
The security firm asserted banks to do more to safeguard their customers. As per a recent research from APACS (Association of Payment Clearing Services), users were still ignorant about basic security steps when banking over the Internet. APACS, a trading group for the payments market in U.K. also noted that phishing attacks climbed by 800 percent over the previous year.
Heise feels that the banks themselves may not be aware of the most fundamental security actions to keep their online customers safe. May be banks should first set themselves in order before finding fault with their customers.
Related article: Hack.Huigezi Virus Attacks China PCs Rapidly
» SPAMfighter News - 26-10-2006