Background
Man-in-the-browser attacks are the state of the art in online banking fraud. And the criminal community is heavily focusing these attacks on business-banking customers, where the available funds are often greater, transaction limits are higher, and the business customer has a lucrative target with access to a wire transfer or Automated Clearing House (ACH) services through its online-banking interface.
While many safeguards are deployed within financial institutions, criminals are evolving their techniques rapidly, and many of the security methods are simply not effective against man-in-the-browser attacks - particularly when the business customer is the target.
To fleece their victims, criminals are increasingly turning to highly effective social engineering tactics, combined with stealthy malware, to illegally obtain consumer identities. As a result, businesses and their financial institutions around the world are being targeted and successfully defrauded of millions of dollars. This has resulted in businesses fighting back to recover millions of lost dollars, with several in the process of legal action against their banks.
In this session, Eric Skinner, CTO of Entrust, will look at:
- The current state of online fraud;
- How the evolution of these threats affects online transactions;
- Approaches that can be effective in addressing the latest online threats - and in particular, man-in-the-browser attacks.