Computer Crime Research Center


Phishing: patches don't save money on bank accounts

Date: August 16, 2006

Research from Cardiff University has revealed that around 3 million online customers of HSBC may be vulnerable to fraudulent attacks. This is because HSBC has failed to patch a security vulnerability known to the bank for the past two years. Online customers at the bank are allegedly being targeted by cybercriminals who use 'keyloggers' to capture data in order to access online accounts at a later date and steal funds.

Commenting on the security flaw, Andrew Moloney, senior product manager at RSA Security's consumer solutions division, said: "HSBC has been heavily criticised for not addressing this flaw, but I don't believe this criticism is valid. No banks' systems are 100% secure, and even if every flaw was patched immediately this would not mean that online banking users were safe from fraudsters - far from it.

"Online fraud attacks rarely rely on technology flaws, they flourish because of the one flaw that cannot be addressed by a security patch - the user. This means deploying proactive measures to thwart online fraud attacks before they proliferate and using technology that is intelligent enough to recognise anomalies and inconsistencies in a user's online behaviour. User education is also crucial
Original article

Add comment  Email to a Friend

Discussion is closed - view comments archieve
2007-02-26 03:06:03 - The information I found here was rather... uomo
2007-02-22 10:44:28 - Nice site you have!... dizionario
Total 2 comments
Copyright © 2001-2013 Computer Crime Research Center
CCRC logo