FDIC warns of phishy e-mails hitting business owners. The fraudulent e-mails purport to be from the banking regulator, claiming to have important information about business bank accounts.
Online security has come a long way in recent years, but so have phishing attacks. As the Epsilon e-mail breach proves, fraudsters are honing their attacks through the acquisition detailed e-mail profiles and sensitive information connections, says ID security expert Tim Rohrbaugh.
"The phishing only works if the consumer participates; they have to click on something; they have to open something," says Neal O'Farrell of the Identity Theft Council. "So, based on that assumption, shouldn't we be doing more to educate them?"
Key questions: What impact - if any - will the recent RSA and Epsilon data breaches have on the FFIEC's pending authentication update? And when will this long-awaited banking guidance finally be released?
This piece summarizes the key elements of the three major releases by the FFIEC related to online authentication: The original 2005 authentication guidance, 2006 FAQs and the 2010 draft supplement.
A preliminary draft of new online authentication guidance from the Federal Financial Institutions Examination Council puts greater responsibility on the shoulders of financial institutions to enhance security.
"I'm not sure there is a way to protect a customer if their actions put their network at risk," says the president of a bank victimized by corporate account takeover.
From payment cards to checks, ACH transactions to phishing, there's no question that fraudsters have waged war on banks. And now the institutions are fighting back.
NACHA's CEO says ACH-related fraud is often over-hyped, and occurs far less often than check- and payment card-related fraud. But when corporate accounts are breached, fraudulent ACH transactions lead to big financial losses.
The Experi-Metal Inc. vs. Comerica Bank case is just one of several high-profile incidents of corporate account takeover -- but it's the first to finally head to court.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.