Online banking attacks rise

Daily news headlines

WASHINGTON – An internal Suspicious Activity Reports (SARs) report from the Federal Deposit Insurance Corporation, leaked to The Washington Post, shows that US financial institutions reported a notable increase in online bank account fraud in 2007.

Quarterly SARs for second-quarter 2007 show that the average loss from computer intrusion-related SARs was around $30,000, up from $10,000 a year ago. Although the number of online fraud-related SARs was low at 536 when compared with the 17, 558 notices of cheque fraud, the double-digit rise suggests online criminals are employing more sophisticated technology to tap into online bank accounts.

The report indicates that in most cases, banks are at a loss to say exactly how cyber crooks are stealing the funds. The report indicates that the 80% of the computer intrusions were classified as "unknown unauthorized access – online banking," and that "unknown unauthorised access to online banking has risen from 10% to 63% in the past year." The report indicates that a large share of the unknown losses were probably the result of data-stealing programs, such as Trojan horses and key-logging software, installed surreptitiously on customer PCs.

Many of the SARs showed that criminals targeted online bill payment applications but the most significant losses came from unauthorised access to wire transfers and automated clearing house payments, which gave the banks less time to detect and recover the funds.

Despite these results, Fortify Software, the application vulnerability specialist, says e-banking services are still safe.

"Banking online is still safe for most users, provided they keep their IT security software bang up-to-date and, ideally, have multiple security applications loaded at all times. It's just that identify theft techniques have improved a lot recently," said Rob Rachwald, Fortify Software's director of product marketing.

  • LinkedIn  
  • Save this article
  • Print this page  

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact [email protected] or view our subscription options here: http://subscriptions.risk.net/subscribe

You are currently unable to copy this content. Please contact [email protected] to find out more.

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here: