IT GRC Forum

FacebookJoin our Linkedin Group!Follow us on Twitter!Subscribe to our Feeds!
Click on the slide!

Realizing SecureData Potential

Live Webcast!             Join us as we discuss how to realize effective data security across an enterprise.

Click on the slide!

Enabling Risk Based IT Gov

On-Demand               Play now for the key concepts and challenges with IT governance.

Click on the slide!

A Breach Prevention Plan

On-Demand               Play now to gain insights and some key steps to prevent payment card…

Click on the slide!

Best Practices for eGRC

On-Demand               Play now and learn how to implement best practices for eGRC.

Frontpage Slideshow (version 2.0.0) - Copyright © 2006-2008 by JoomlaWorks

High rolling cyber-crooks are smashing bank security safeguards

June 26, 2012 - A new, sophisticated breed of cyber-crooks targeting bank accounts belonging to businesses and high-net worth individuals around the world may have stolen EUR60 million over the last year, according to an investigation from McAfee and Guardian Analytics.

The pair say that they have observed a crime ring building on the established Zeus and SpyEye malware to develop attacks against at least 60 financial institutions in Europe, the US and Latin America.

Most Zeus/SpyEye attacks rely on manual components and active participation by the fraudster, using social engineering to compromise computers before planting malware and executing a Man-in-the-Browser attack to skim details that let them carry out transfers.

In contrast, although there can be live intervention in the most high-value transactions, most of the new 'High Roller' process is completely automated, allowing repeated thefts once the system has been launched at a given financial institution or for a given Internet banking platform.

In March crooks used server-side automated attacks to compromise more than 5000 - mainly business - accounts at two Dutch banks, attempting to wire around EUR35.6 million out of the country in transfers of up to EUE100,000 a time.

All of the attacks spotted by McAfee could bypass complex multi-stage authentication and chip and PIN. Unlike recent attacks that collect simple form authentication data - a security challenge question, a one-time token, or PIN - this can get past the extensive physical authentication required by swiping a card in a reader and typing the input into a field.

Separately, Jonathan Evans, director general of the UK's domestic security service, MI5, has claimed in a speech that state-sponsored cyber-attacks cost a single listed UK company around £800 million in lost potential revenues.

Evans says that his organisation is fighting "astonishing" levels of cyber attacks on UK industry, warning that the Olympic Games will prove an "attractive target" for terrorists".

Comments (0)add comment

Write comment


pornocoelho pornocobra pornozebra sexocangrejo pornobanan pornocanguru pornoelefante sexocisne pornogazela sexochacal sexomarsopa

air max pas cher nike air max pas cher air max pas cher nike air max pas cher air max pas cher nike air max pas cher air max pas cher nike air max pas cher air max pas cher nike air max pas cher air max pas cher air max pas cher air max 90 pas cher nike air max pas cher air max pas cher nike tn pas cher nike air max pas cher nike tn nike tn pas cher tn pas cher louboutin pas cher chaussure louboutin pas cher louboutin soldes air max pas cher air max pas cher nike air max pas cher doudoune moncler pas cher doudoune moncler barbour paris barbour paris pas cher hogan outlet hogan outlet online scarpe hogan outlet tiffany outlet tiffany outlet italia air jordan air jordan pas cher jordan pas cher air jordan site officiel