Latest Trojan Steals Login Before Bank Website Can Encrypt

Editor's Note:  Look what came across my desk AFTER I decided to dedicate a day to the perils of online banking!  I've said all morning, Don't Type, Swipe, but naysayers are like, "C'mon, if it wasn't safe, then why would they be doing it that way?  To which my reply is a chuckle.  Because it's convenient!  That's why. 

May I humbly suggest, I'm Right, they're Wrong, and everyday there's more evidence that the missing piece to the puzzle is HomeATM.

The Latest Incarnation (Trojan) Can Steal Internet Banking Login Information Before the Bank's Website Can Encrypt It.

Editor's Note:  Yeah, because you let your customer "type" in their login information. If your customers "don't type" the hackers "can't swipe."  Fortunately, your customers can.  An exponentially better approach to authenticated log-in.  "Swipe" the "bank issued" bankcard, and then securely enter the "bank issued" PIN.  The cardholder data is instantaneously "encrypted" (meaning it's never in the clear) so the hacker can't get to it "before" it's encrypted.  With HomeATM you are in the clear, because your data never is.  Today's theme... "onliine banking is so weak it's time they showed the strength to admit they were wrong" continues...

June 2, 2009

Trojans target online banking

By Tan Weizhen

THE big Singaporel banks - DBS, OCBC and UOB - have once again beentargeted by the latest trojan horse computer program, which trickscustomers into revealing their Internet banking passwords.
Late last month, banks were alerted to the trojan, which could gain scammers access to customers' accounts.
UOB Bank warned on its website that scammers may be able to'make unauthorized funds transfers within a short period of time.'

DBS Bank had reportedly more than a million Internet bankingcustomers as of last month. The other two banks declined to reveal howmany they had.

The three banks last came under attack by trojans - computerprograms infiltrating users' computers - in December, but this latestincarnation can steal Internet banking login information even beforethe bank's website can encrypt it. 

Continue Reading

Related articles

• Nothing Phishy About PCI 2.0 Certified "Card Present 2FA" (pindebit.blogspot.com)
• Torpig: "One of the Most Advanced Pieces of Crimeware ever Created".' (pindebit.blogspot.com)
• IBM Agrees with HomeATM...Hardware Required (pindebit.blogspot.com)
• HomeATM Prevents Cloned Bank Site Threat! (pindebit.blogspot.com)
• BofA Targeted by Malicious Code Phishing Attack (pindebit.blogspot.com)