Computer Crime Research Center


Bank security issues

Date: July 30, 2005
Source: ITWweb
By: Stuart Lowman

With phishing attacks becoming more of a threat to e-commerce, Standard Bank says it is stepping up security measures.

Herman Singh, director of technology engineering at Standard Bank, said the bank monitored global trends and had stepped up measures to defend both the company and its customers. These measures included the development of a risk assessment framework and the implementation of recovery plans.

The bank highlighted the most recent attack on local online banking -- a phishing attack by an Eastern European syndicate on 19 May. The syndicate's Web site was consequently shut down but security experts warned customers that they had not seen the last of the Eastern European phishers.

Standard Bank's integrated package of security solutions is designed to help protect its customers from such attacks. These solutions include free McAfee anti-virus software and firewalls (which can be downloaded from the Standard Bank Web site), new two-factor identification technology and secure code for online credit card use in online transactions.

"The vulnerability of home PC users to attack is increased by the use of un-patched software, the absence of firewalls and outdated anti-virus software," he said, stressing the importance of a partnership between the bank and customers in fighting these attacks.

He noted that statistics show e-commerce attacks are escalating rapidly, with phishing attacks increasing by 290% over the past six months and a 50% growth in spyware over the past 18 months.

There has also been a 16-fold increase in virus creation in the past 30 months, said Singh. "The virus is frequently not an end in itself but rather the vehicle for launching a more subversive attack."

Identity theft has seen a shift from vandalism to crime, what was previously a nuisance has become a threat, he added.

However, Singh did mention that e-commerce security is an ongoing journey not a destination, which needs constant improvement and monitoring.
Original article

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo