Logo

Site non disponible sur ce navigateur

Afin de bénéficier d'une expérience optimale nous vous invitons à consulter le site sur Chrome, Edge, Safari ou Mozilla Firefox.

adnews

Online Fraud: RSA Warning US Banks

  • RSA warns financial institutions against possible attacks this fall: 30 US banks could be especially targeted. A criminal organisation may in fact be getting ready to roll out a Trojan horse to complete fraudulent wire transfers via manual session-hijacking scenarios. Stolen amounts would be credited to accounts under control of the gang. Fraudsters would even be considering flooding the services in charge of sending confirmations (phone calls and SMSs) to remain unnoticed on the cardholders’ side.
  • The crooks might take advantage of insufficient strong authentication (2FA) policies.
  • If conducted, this campaign would be one of the largest attacks ever against US financial institutions.
Source: RSA Blog
  • RSA indicates that the spree’s longevity will depend on how fast the banks react and their implementation of countermeasures. This information echoes the FBI’s recent dismantling of a network of carders. This organised crime involved 24 suspects in 13 countries, and could have impacted over 400,000 people for over 205 million accumulated losses.
  • This data also comes in addition to a series of attacks against several US banks in the end of September (Wells Fargo, US Bancorp, PNC Bank, Citigroup, Bank of America and JPMorgan Chase). As a result, their customers have been unable to access their online portals for a while.
  • In Europe, some 300 IT security professionals from both private and public sectors (banks, ISPs, telecoms, government agencies) have taken part in a pan-European cyber-security exercise (Cyber Europe 2012) to trial their cooperation ability in the event of a major incident in the financial sector.
  • Meanwhile, EMC (RSA’s parent company) has just partnered with the National Cyber Security Alliance to develop an online threats detection tool for people: Online Identity Risk Calculator. This simulator rates the user’s exposure to online threats based on several criteria (e-banking, e-commerce, use of social media, etc.). The free test is available worldwide, and relies on a series of ten questions setting their risk level on a scale ranging from 0 to 100.