Computer Crime Research Center


Banks to enhance anti-spyware protection

Date: July 26, 2005

The FDIC on Friday urged banks to enhance their protections against spyware, to limit the risk that customers' personal data may be stolen.

The guidance from the Federal Deposit Insurance Corp. comes amid a growing stream of reported incidents of the theft or exposure of personal customer data.

Spyware is a kind of software installed on a computer without the user's knowledge, often through a virus or when a user downloads a free program.

It is designed to let a hacker eavesdrop, collect personal or confidential information and perhaps track and record a user's activities. Some spyware can obtain such information as passwords or card numbers. It also often buries users under a blizzard of unwanted ads.

In the biggest reported security breach, details on some 40 million Visa, MasterCard, American Express and Discover credit cards were exposed to potential fraud through a breach at CardSystems Solutions Inc., a Tucson, Arizona, processor.

Data on hundreds of thousands of customer accounts at such banks as Bank of America Corp. (BAC.N: Quote, Profile, Research) and Wachovia Corp. (WB.N: Quote, Profile, Research) may also have been exposed in other incidents.

"Information collected through spyware can be used to compromise a bank's systems or conduct identity theft," said Michael Zamorski, director of the FDIC division of supervision and consumer protection.

"It is critical that banks stay vigilant about the risks involved with this malicious software."

The FDIC said banks should educate customers about the risks of spyware and encourage them to take steps to prevent and detect spyware on their own computers.

Banks should also advise customers of the risks of banking online on public computers -- such as in hotels, libraries or Internet cafes -- where spyware might have been installed.
Original article

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo