Technology news and Jobs 
Fuzzy Logic Australia prime ID fraud target - $4b stolen!
Fuzzy Logic Australia prime ID fraud target - $4b stolen! | Australia prime ID fraud target - $4b stolen! |
|
| by Alex Zaharov-Reutt | |
| Thursday, 02 October 2008 | |
|
Page 2 of 2 TrustDefender has posted worrying information at its blog about the rise and rise of banking Trojans, specifically designed to circumvent the vaunted “two factor authentication” that is supposed to defeat ID theft. Featured Whitepaper
5 Best Practices for Smartphone Support
Typically installed via “drive-by downloads” to totally unsuspecting users, TrustDefender’s CTO, Andreas Baumhof, writes that this Trojan: “targets financial institutions worldwide (with a focus on US, Germany, Spain, Australia) and as the Silentbanker versions before it, and it can successfully circumvent Two-Factor-Authentication, which is why quite a few banks with two-factor-authentication solutions are targeted.” Baumhof notes that the trojan operates completely silently and “just “uploads” the collected information in real-time in an encrypted way to a malicious host”, while also dynamically (in real time) introducing “malicious HTML elements into the banks website to collect additional information. This malicious HTML elements appear within the bank’s site, so nobody (not even security experts) can spot anything suspicious.” Baumhof also advises that: “As we would have expected, virtually no Antivirus Engines were detecting this Rootkit”, and points to analysis from the “Virus Total” website to show this is the case. Naturally, as you’d expect, TrustDefender say its solution protects its users from this new Trojan, given that its software does not depend on blacklists or heuristics, but uses a sophisticated “Kernel Forensics” engine to detect rootkits and other malware, and stop them in their tracks whenever a user is logging into their banks or performing other financial transactions, giving protection even if a computer is otherwise badly infected. TrustDefender was recently deployed by the BananaCoast Credit Union (BCU) in Australia (among other financial institutions) with BCU deciding to offer TrustDefender software free of charge to all its members, dramatically increasing both BCU’s and its customers’ security, as BCU is able to determine the security status of each connecting customer computer. BCU says that TrustDefender gives it visibility into customer security that it never had before the TrustDefender solution, letting it change risk profiles on the fly if needed, while proactively warning customers of the security health status of their PCs, among other benefits. Baumhof notes: “The good news is: All TrustDefender users (most notably all BCU members) are protected as TrustDefender’s Secure Lockdown will make sure that no personal information will leave the computer as it will only allow internet requests to BCU’s site [or those of the relevant bank, credit union or financial institution a customer uses]. “Also all TrustDefender users for all banks who are part of our Financial Trust Network (including all Australian banks registered with the Australian Bankers Association - ABA) are also protected”, concluded Baumhof. So... with online criminals making the “World Wide Web” more like the “World Wild Web” with every passing day, doing what we can to ensure our online safety is becoming ever more paramount. Check out the “National ID Fraud Awareness” week, consider adding to your level of security with software like TrustDefender, and please make sure your current Internet security software is up to date (or replaced with a 2009 version). And don't forget to make sure your operating system is set to automatically update itself, check that it is actually installing the updates, check that you're running the latest browsers, and if you're a consumer doing online banking on a computer with a "pirate" version of Windows, for goodness sakes, go legal and make sure you get all those critical updates! Follow these guidelines and you can dramatically lower the chances of ever becoming a victim of online ID theft and financial crime. |
Tags
| < Next story in category | Previous story in the category > |
|---|
