Online Bankers’ Education on Phishing is Obsolete
If customers continue to be unable to acquire their own money over online transactions; banks would in all probability transfer the responsibility of financial losses onto the customer.
Although several financial institutions have imparted a lot of customer education on phishing attacks, still that is not enough because primarily it lacks commonsense in dealing with phishers, said Paul Henry, senior VP of Secure Computing in news for ComputerWorld.
Even if a user enters a URL manually, security doesn't work as phishers have designed a Trojan code that changes the Windows host file to redirect it to a phishing site, he said.
Phishers also have the ability to redirect information to a different server by attacking a router. Here again user commonsense has no use. Henry is amazed how attackers compromise bank servers to host phishing sites.
According to Henry, banks are not willing to recompense losses to a customer whose account is hacked. For instance, a Trojan compromised the PC of a Bank of America customer leading to a theft of $90,000 from his account. The phishing process wired the funds to a bank in a country in Europe while $20,000 was withdrawn immediately. Although U.S. courts have put the theft on trail but says Henry, the Bank of America is shrugging off responsibility saying that a Trojan on a customer's PC is his problem.
The defendant says the bank told him to use Internet banking as it reduces the bank's transaction costs so if the court gives verdict in favor of the bank the decision would be unfortunate, viewed Henry.
David Bell, CEO of Australian Bankers' Association assures that their systems constantly monitor online transactions. Therefore, there are few reports of cases of online fraud, particularly with respect to phishing.
Bell explained that as a result of banks' fraud prevention activities like training of employees, maintaining strict privacies to policies, and using rigorous security and encryption systems, customers were reporting fewer cases of online fraud. These activities are in addition to educating customers on ways to avoid the phishing trap. The combined efforts, however, have declined the level of fraud in Australia.
Related article: Online Card Fraud Shows Greater Tendency Than Chip and Pin
» SPAMfighter News - 21-02-2007