See How Financial Institutions Respond to the Latest Threats
From skimming and POS attacks to ACH fraud and payment card hacks, 2010 was "The Year of Fraud," and the year's incidents have left banking institutions and their customers anxious for new solutions to prevent fraud in all its forms.
In response to the growing fraud threats – and to the demand for new solutions – Information Security Media Group just concluded its latest survey, "The Faces of Fraud: Fighting Back."
This is the Executive Summary of the survey results and what they suggest for fighting fraud in 2011.
One of the most telling responses of the survey is to this question:
When is a fraud incident involving your organization usually detected?
To read the entire article, click here - http://www.bankinfosecurity.com/surveys.php?surveyID=9
Tuesday, December 28, 2010
Thursday, December 23, 2010
Card Skimming Trends for 2011
Mag Stripes, POS Are Top Vulnerabilities to Fraud
By Tracy Kitten
Payments card fraud is not expected to slow down anytime soon, especially from skimming attacks. Industry experts say card skimming at ATMs and points of sale is quickly reaching a tipping point in the United States, where lingering magnetic-stripe technology is making U.S. cardholders easy targets.
At the ATM, card skimming remains the No. 1 fraud threat. But as distinguished Gartner analyst Avivah Litan points out, skimming at point of sale devices is becoming increasingly troublesome. "POS fraud is rising, and it's likely because of skimming," Litan says.
Top Threats
Today's two most common skimming attacks occur at the POS, either by employees who use hand-held skimmers or fraudsters who swap legitimate POS devices for devices that have been manipulated to skim and transmit card data. That so-called swap attack is what led to the card compromise at Hancock Fabrics, reported earlier in 2010.
Pay-at-the-pump terminals and ATMs also rank high in the skimming chain because they are unattended. As Litan says, "They are usually a fraudsters' easiest target." Pay-at-the-pump has proven vulnerable because of easy accessibility. Default codes used to open gas pump enclosures have been exploited by criminals posing as technicians, for instance. Once inside, the criminal can install a skimming device and connect it directly to the terminal's key pad and card reader. It's undetectable from the outside, giving the device ample opportunity to collect card data in real-time, as the card is swiped and PIN entered.
To read the entire article, click here - http://www.bankinfosecurity.com/articles.php?art_id=3199&rf=2010-12-21-eb
By Tracy Kitten
Payments card fraud is not expected to slow down anytime soon, especially from skimming attacks. Industry experts say card skimming at ATMs and points of sale is quickly reaching a tipping point in the United States, where lingering magnetic-stripe technology is making U.S. cardholders easy targets.
At the ATM, card skimming remains the No. 1 fraud threat. But as distinguished Gartner analyst Avivah Litan points out, skimming at point of sale devices is becoming increasingly troublesome. "POS fraud is rising, and it's likely because of skimming," Litan says.
Top Threats
Today's two most common skimming attacks occur at the POS, either by employees who use hand-held skimmers or fraudsters who swap legitimate POS devices for devices that have been manipulated to skim and transmit card data. That so-called swap attack is what led to the card compromise at Hancock Fabrics, reported earlier in 2010.
Pay-at-the-pump terminals and ATMs also rank high in the skimming chain because they are unattended. As Litan says, "They are usually a fraudsters' easiest target." Pay-at-the-pump has proven vulnerable because of easy accessibility. Default codes used to open gas pump enclosures have been exploited by criminals posing as technicians, for instance. Once inside, the criminal can install a skimming device and connect it directly to the terminal's key pad and card reader. It's undetectable from the outside, giving the device ample opportunity to collect card data in real-time, as the card is swiped and PIN entered.
To read the entire article, click here - http://www.bankinfosecurity.com/articles.php?art_id=3199&rf=2010-12-21-eb
Wednesday, December 15, 2010
More Americans Say They're Cybercrime Victims
11% of U.S. Households Report Computer-Related Crime in Past Year
By Eric Chabrow
Americans are nearly as likely to be victimized by an Internet-based crime as they are of other forms of nonviolent theft. At least that's the perceptions expressed by Americans when asked about crimes committed against themselves and their families.
Eleven percent of American adults report that they or a household member fell victim to a computer or Internet crime on their home computers in the past year, according to a Gallup Poll released Monday. By comparison, over the previous seven years, the percentage of Americans saying their were victimized by computer or Internet crimes ranged from between 6 percent and 8 percent.
Gallup says:
"At 11 percent, computer/Internet-based crime is edging closer in reported frequency to the most common traditional forms of crime involving nonviolent theft of personal property and vandalism. Further, the increase is an exception in the overall crime picture, in that Americans' victimization reports have been fairly steady over the past several years. Not only has the overall percentage of Americans experiencing any type of crime been fairly flat, but Americans' reports of specific crimes have been flat as well."
to read the entire article, click here - http://blogs.bankinfosecurity.com/posts.php?postID=820&rf=2010-12-14-eb
By Eric Chabrow
Americans are nearly as likely to be victimized by an Internet-based crime as they are of other forms of nonviolent theft. At least that's the perceptions expressed by Americans when asked about crimes committed against themselves and their families.
Eleven percent of American adults report that they or a household member fell victim to a computer or Internet crime on their home computers in the past year, according to a Gallup Poll released Monday. By comparison, over the previous seven years, the percentage of Americans saying their were victimized by computer or Internet crimes ranged from between 6 percent and 8 percent.
Gallup says:
"At 11 percent, computer/Internet-based crime is edging closer in reported frequency to the most common traditional forms of crime involving nonviolent theft of personal property and vandalism. Further, the increase is an exception in the overall crime picture, in that Americans' victimization reports have been fairly steady over the past several years. Not only has the overall percentage of Americans experiencing any type of crime been fairly flat, but Americans' reports of specific crimes have been flat as well."
to read the entire article, click here - http://blogs.bankinfosecurity.com/posts.php?postID=820&rf=2010-12-14-eb
Wednesday, December 8, 2010
Military Overuses PII Raises ID Theft Risk - MUST READ!!!
Report: Uninformed, Cavalier Culture Limits Efforts to Curb PII Use
By Eric Chabrow, Executive Editor, GovInfoSecurity.com
The military's use of Social Security numbers and other forms of personal identifiable information such as birth dates places service members at a higher risk of identity theft than the population at large, and efforts to limit their use are meeting resistance by an "uninformed, sometimes cavalier" military culture.
That's the thrust of a paper written by four senior Army officers and West Point faculty members, entitled The Military's Cultural Disregard for Personal Information, which appears on the website of Small Wars Journal.
"In an era when an individual's Social Security number and date of birth have become the keys to identity theft, the ubiquitous use of the Social Security number by the military services is reckless," the paper says. "The problem is compounded by an uninformed, sometimes cavalier, culture and attitude surrounding the protection of PII that is common in the military."
In an interview, one of the paper's authors addresses the ubiquitous of Social Security numbers in military life. "We use the Social Security number in every aspects, both mundane and sensitive," Lt. Col. Gregory Conti says. "We use the Social Security number as an identifier and as a password. Children 10 years old and up have a military ID card with their sponsor's Social Security number on it. It's in every facet of our lives. It's in our recycling bins. We shout it out in formation; we thumbtack it to bulletin boards. It's everywhere, so we're courting disaster in how we us it."
To read the entire article, click here - http://www.govinfosecurity.com/articles.php?art_id=3150&rf=2010-12-08-eg
By Eric Chabrow, Executive Editor, GovInfoSecurity.com
The military's use of Social Security numbers and other forms of personal identifiable information such as birth dates places service members at a higher risk of identity theft than the population at large, and efforts to limit their use are meeting resistance by an "uninformed, sometimes cavalier" military culture.
That's the thrust of a paper written by four senior Army officers and West Point faculty members, entitled The Military's Cultural Disregard for Personal Information, which appears on the website of Small Wars Journal.
"In an era when an individual's Social Security number and date of birth have become the keys to identity theft, the ubiquitous use of the Social Security number by the military services is reckless," the paper says. "The problem is compounded by an uninformed, sometimes cavalier, culture and attitude surrounding the protection of PII that is common in the military."
In an interview, one of the paper's authors addresses the ubiquitous of Social Security numbers in military life. "We use the Social Security number in every aspects, both mundane and sensitive," Lt. Col. Gregory Conti says. "We use the Social Security number as an identifier and as a password. Children 10 years old and up have a military ID card with their sponsor's Social Security number on it. It's in every facet of our lives. It's in our recycling bins. We shout it out in formation; we thumbtack it to bulletin boards. It's everywhere, so we're courting disaster in how we us it."
To read the entire article, click here - http://www.govinfosecurity.com/articles.php?art_id=3150&rf=2010-12-08-eg
Tuesday, December 7, 2010
Top 3 Payments Trends for 2011
Experts Eye Mobility via Social Networks, Partnerships, ACH
Tracy Kitten, Managing Editor
The payments landscape is poised for big changes in 2011. The top three trends expected to have the greatest impact: payments facilitated through social networks, partnerships between financial institutions and innovative non-financial vendors, and investments in new options for mobile transactions and Automated Clearing House .
From a mobile perspective, the expected adoption of the EMV chip & PIN standard, as well as heightened use of prepaid cards, will play significant roles, too.
The EMV discussion is not new. Some industry experts, including Randy Vanderhoof, executive director of the Smart Card Alliance, say mobile and EMV-like chip payments go hand in hand.
"By 2011, we can expect to see more NFC (near-field communications) enabled devices," Vanderhoof says. Once that happens, the connection between mobile and contactless chip payments will be bridged. With an estimated 75 million contactless chip cards already in use in the United Sates, Vanderhoof says it's time for the payments industry to have serious discussions about linking contactless and mobile.
From the prepaid angle, the link to mobile has already been established, and competition is closing in, says Cindy Merritt, assistant director of the Federal Reserve Bank of Atlanta's Retail Payments Risk Forum. "We're seeing a lot more activity on the part of telecoms, which are starting to provide services on a prepaid basis via the mobile channel," she says. "They are allowing consumers to make payments and have those payments appear on their phone bills."
To read the entire article, click here - http://www.bankinfosecurity.com/articles.php?art_id=3148&rf=2010-12-07-eb
Tracy Kitten, Managing Editor
The payments landscape is poised for big changes in 2011. The top three trends expected to have the greatest impact: payments facilitated through social networks, partnerships between financial institutions and innovative non-financial vendors, and investments in new options for mobile transactions and Automated Clearing House .
From a mobile perspective, the expected adoption of the EMV chip & PIN standard, as well as heightened use of prepaid cards, will play significant roles, too.
The EMV discussion is not new. Some industry experts, including Randy Vanderhoof, executive director of the Smart Card Alliance, say mobile and EMV-like chip payments go hand in hand.
"By 2011, we can expect to see more NFC (near-field communications) enabled devices," Vanderhoof says. Once that happens, the connection between mobile and contactless chip payments will be bridged. With an estimated 75 million contactless chip cards already in use in the United Sates, Vanderhoof says it's time for the payments industry to have serious discussions about linking contactless and mobile.
From the prepaid angle, the link to mobile has already been established, and competition is closing in, says Cindy Merritt, assistant director of the Federal Reserve Bank of Atlanta's Retail Payments Risk Forum. "We're seeing a lot more activity on the part of telecoms, which are starting to provide services on a prepaid basis via the mobile channel," she says. "They are allowing consumers to make payments and have those payments appear on their phone bills."
To read the entire article, click here - http://www.bankinfosecurity.com/articles.php?art_id=3148&rf=2010-12-07-eb
Thursday, December 2, 2010
WikiLeaks: Stronger Access Mgt. Needed
Was a Process Failure Preordained?
By Eric Chabrow
Not adequately implementing access management - deciding who should gain entry not only to an IT system but to specific data, as well - is a major process failure that led to the WikiLeaks leaks, the unauthorized access and downloading of 250,000 sensitive and classified diplomatic cables and other files.
Simply, if properly configured, an access-governance system might have prevented an Army private from extracting the diplomatic cables. The government alleges that Pfc. Bradley Manning, an Army intelligence analyst, illicitly downloaded the files through a Secret Internet Protocol Router and saved them to a disk, which he provided WikiLeaks. Though Manning had security clearance - his job was to route intelligence reports to his superiors - it's unclear why he would or should have authorization to access and download State Department reports.
To read the entire article, click here - http://blogs.govinfosecurity.com/posts.php?postID=806&rf=2010-12-02-eg
By Eric Chabrow
Not adequately implementing access management - deciding who should gain entry not only to an IT system but to specific data, as well - is a major process failure that led to the WikiLeaks leaks, the unauthorized access and downloading of 250,000 sensitive and classified diplomatic cables and other files.
Simply, if properly configured, an access-governance system might have prevented an Army private from extracting the diplomatic cables. The government alleges that Pfc. Bradley Manning, an Army intelligence analyst, illicitly downloaded the files through a Secret Internet Protocol Router and saved them to a disk, which he provided WikiLeaks. Though Manning had security clearance - his job was to route intelligence reports to his superiors - it's unclear why he would or should have authorization to access and download State Department reports.
To read the entire article, click here - http://blogs.govinfosecurity.com/posts.php?postID=806&rf=2010-12-02-eg
Four Home-Based Business Myths
By Lesley Spencer Pyle
Published December 01, 2010
WomenEntrepreneur.com
The home-based business industry is buzzing with new startups, products and services. If you are considering launching a home-based company, it's a good idea to have all the facts. There are a lot of misconceptions about what it takes to run a successful business from home.
Separate fact from fiction, and find out whether these oft-repeated notions are just myths.
Anyone can start a home-based business.
While anyone can launch a home-based business at virtually any time, not everyone will succeed. It's not as easy as you might think. So before you jump in head first, make sure you're in touch with reality. First of all, building a business from the ground up is a slow and sometimes tedious process. You will not become a millionaire overnight.
There is a lot of information to take in and a lot of junk to filter out. The truth is that running a home-based business is, in most cases, a trial by fire. Lots of people throw in the towel before they ever see any real money.
It doesn't cost anything to start a home-based business.
If you are offering a service, this might be true. Emily Suess, a freelance writer in Indianapolis, launched her business virtually overnight without any startup fees. "I already had a laptop and a high-speed internet connection," says Suess. "The only thing I needed was to find my first client."
To read the entire article, click here - http://www.foxsmallbusinesscenter.com/sbc/2010/12/01/home-based-business-myths/
Published December 01, 2010
WomenEntrepreneur.com
The home-based business industry is buzzing with new startups, products and services. If you are considering launching a home-based company, it's a good idea to have all the facts. There are a lot of misconceptions about what it takes to run a successful business from home.
Separate fact from fiction, and find out whether these oft-repeated notions are just myths.
Anyone can start a home-based business.
While anyone can launch a home-based business at virtually any time, not everyone will succeed. It's not as easy as you might think. So before you jump in head first, make sure you're in touch with reality. First of all, building a business from the ground up is a slow and sometimes tedious process. You will not become a millionaire overnight.
There is a lot of information to take in and a lot of junk to filter out. The truth is that running a home-based business is, in most cases, a trial by fire. Lots of people throw in the towel before they ever see any real money.
It doesn't cost anything to start a home-based business.
If you are offering a service, this might be true. Emily Suess, a freelance writer in Indianapolis, launched her business virtually overnight without any startup fees. "I already had a laptop and a high-speed internet connection," says Suess. "The only thing I needed was to find my first client."
To read the entire article, click here - http://www.foxsmallbusinesscenter.com/sbc/2010/12/01/home-based-business-myths/
Subscribe to:
Posts (Atom)
Do Do You Keep Your Career Options Open?
Call The POWER Group Organization Team at (502) 209-TEAM {8326}!
