Wednesday, December 30, 2009

Banking Trojans Grow Smarter...Will Online Banks Do the Same?

In Europe, millions of online banking customers use hardware to authenticate their online banking sessions. 

Todos recently shipped its 20 millionth device (see Todos Delivers 20 Millionth eBanking Security Product).

What these devices do is generate OTPs (one-time passwords). The problem with OTPs is that real-time OBTs (online banking trojans) are able to intercept them. Thus OTPs are rendered inadequate to protect online banking sessions, as graphically illustrated on the right.

In America, we type in our username and password and answer questions like: what is your mother's maiden name, what month were you born, what are the last 4 digits of your SS number, or what city were you born in? Yesterday, McAfee Labs released a report saying that online banking Trojans are getting smarter. Thus the question that begs to be asked is: when will the online banking industry do the same? Will it happen in 2010?

Sometimes the simplest solutions are the best. For example: how do you withdraw cash from an ATM? You insert your bank-issued card and you enter your bank-issued PIN. The bank customer might be hundreds, even thousands of miles from their bank, yet the process is trusted enough to dispense hundreds of dollars in cash into the hands of the card holder.

So the second question that begs to be asked of the online banking community is this: if I were to inform them that there is a patented device which 100% replicates the same two-factor authentication trusted process used to dispense cash from an ATM, but instead could be used to authenticate the online banking session, and instead of generating an OTP it would generate residual income (i.e. ROI), do you think they might be interested?

I guess it all depends on the answer given to the previous question, the one asked in the title of this post...

From the McAfee Labs "2010 Threat Predictions", released yesterday:

In 2009 criminals adapted their methods to more effectively attack online banking and get around current protections used by banks.

Trojans demonstrated new tactics that went well beyond the rather simple keylogging-with-screenshots efforts that we had seen in previous years. Most Trojans now use rootkit techniques to hide on a victim’s system and disable anti-virus software or prevent signature updates. Often the victim’s computer becomes part of a botnet and receives malware configuration updates.


Simple Trojans, such as those predominant in South American countries, lie dormant until the victim opens the bank’s website. They then add fields for the user to fill in, asking for credit card number and ATM PIN, for example, or for a couple of indexed transaction authorization numbers (iTANs). The Trojan usually comes with a configuration file that contains information for hundreds of banks, specifying the additional fields and their layout and mimicking the bank’s design. Although these Trojans, such as Torpig, are still popular today, they are far from state of the art.

More troublesome is the Silentbanker family. These Trojans can silently change the details a user enters to transfer the money to the attacker during a transaction. The user is not aware that anything is amiss until the next account statement arrives. Bebloh, also known as URLZone, takes this deception even further. This Trojan not only changes the transaction details to suit the attacker but it will also check the user’s account and transaction limits and stay just below them to avoid alerting the bank. Bebloh also keeps track of the transactions the user originally made and changes the account statement to display these instead of the real transactions. Of course, the account balance is modified as well.

The latest, and perhaps most worrisome, development comes from the Zeus family. These Trojans are frequently updated with new versions and are sold on underground forums to anyone interested in starting a career in crime. Zeus comes with a command and control server and is extremely flexible in its configuration, allowing easy adjustments to a criminal’s specific needs. Now there is a man-in-the-middle console that allows an attacker to operate in real time. The attack could occur like this: When the victim logs into an online banking account the user sees a maintenance bar that moves slowly until it is full, and then must answer additional security questions, with everything in the bank’s website design.

These steps help buy time for the attacker. The moment the victim logs in, the attacker is notified and initiates a transaction while the victim is waiting. In the next step the victim is asked to register his or her mobile phone number and to confirm this with a specific iTAN. The attacker uses this iTAN, which the bank requests, to complete the illicit transaction. Once the victim enters the iTAN, the attacker completes the transaction and the victim gets to see a message saying the phone registration was successful but that online banking is closed for maintenance.

One variant of Zeus is JabberZeus, which has a complex structure for providing near real-time stolen information to an attacker. This version is most often used to steal one-time passwords, which certain banks require to add another layer of protection for large transactions. With this variant, an attacker uses the Jabber protocol as an instant message system to gather the stolen data. The attacker then selects which information is most (financially) important.

Given the widespread use of the Zeus kit we anticipate many more similar attacks in 2010, and not only against banking sites. This variation allows attackers to circumvent all types of two-factor authentication on websites.
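The post's own point about intercepted OTPs and the McAfee description of real-time Zeus sessions both come down to one property: a code that is valid for the session (or for the next counter value) approves whatever transaction arrives with it. The following is an added example, not code from the post, from HomeATM, Todos or McAfee; it walks one transfer through customer, browser trojan and bank twice, once with a plain counter-based OTP (RFC 4226 HOTP) and once with a code whose MAC also covers the beneficiary and amount that the token itself displays (transaction signing, a constructed scheme here, not the patented device the post refers to). The seed, account numbers and amounts are all constructed for the demo.

```python
"""Session OTP vs. transaction-bound code under a browser trojan.

Added example, not part of the original post. Everything below is
constructed for illustration: the token seed is not a real key and the
account strings are placeholders.
"""
import hashlib
import hmac
import struct

# Constructed: per-customer token seed shared with the bank, the transfer the
# customer intends, and what a Silentbanker/Bebloh-style trojan substitutes
# inside the browser after the customer has typed the code.
TOKEN_SEED = b"demo-token-seed-not-a-real-key"
INTENDED = {"beneficiary": "DE00 0000 0000 0000 0001 11", "amount_cents": 12_000}
REWRITTEN = {"beneficiary": "DE00 0000 0000 0000 0099 99", "amount_cents": 480_000}


def truncate(mac: bytes, digits: int) -> str:
    """RFC 4226 dynamic truncation: MAC bytes -> fixed-length numeric code."""
    offset = mac[-1] & 0x0F
    value = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return f"{value % (10 ** digits):0{digits}d}"


def session_otp(seed: bytes, counter: int, digits: int = 6) -> str:
    """HOTP: the code depends only on seed and counter, so it carries no
    information about which transaction it is supposed to approve."""
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    return truncate(mac, digits)


def transaction_code(seed: bytes, counter: int, beneficiary: str,
                     amount_cents: int, digits: int = 8) -> str:
    """Transaction-bound code (constructed what-you-see-is-what-you-sign
    scheme): the MAC covers the details shown on the token's own display,
    so the code approves exactly those details and nothing else."""
    msg = struct.pack(">Q", counter) + f"{beneficiary}|{amount_cents}".encode()
    mac = hmac.new(seed, msg, hashlib.sha256).digest()
    return truncate(mac, digits)


def bank_verifies(seed: bytes, counter: int, submitted: dict, code: str,
                  bound: bool) -> bool:
    """Bank side: recompute the expected code for the details that actually
    arrived and accept only on a constant-time match."""
    if bound:
        expected = transaction_code(seed, counter, submitted["beneficiary"],
                                    submitted["amount_cents"])
    else:
        expected = session_otp(seed, counter)
    return hmac.compare_digest(expected, code)


def simulate(bound: bool, trojan_active: bool, counter: int = 7) -> dict:
    """Run one transfer customer -> (trojan) -> bank and report the outcome."""
    # 1. Customer generates a code on the token for the transfer they intend.
    if bound:
        code = transaction_code(TOKEN_SEED, counter, INTENDED["beneficiary"],
                                INTENDED["amount_cents"])
    else:
        code = session_otp(TOKEN_SEED, counter)
    # 2. A trojan in the browser forwards the code unchanged but rewrites the
    #    transfer details on the way to the bank.
    submitted = REWRITTEN if trojan_active else INTENDED
    # 3. The bank verifies the code against the details it received.
    accepted = bank_verifies(TOKEN_SEED, counter, submitted, code, bound)
    return {"accepted": accepted, "executed": submitted if accepted else None}


if __name__ == "__main__":
    for bound in (False, True):
        result = simulate(bound, trojan_active=True)
        kind = "transaction-bound code" if bound else "session OTP"
        print(f"{kind}: accepted={result['accepted']}, executed={result['executed']}")
```

With the plain OTP the bank accepts the rewritten transfer, which is exactly the outcome described for Silentbanker and Zeus above; with the bound code the same rewrite fails verification because the beneficiary and amount are inputs to the MAC. The design point is that the binding only helps if the customer reads the details from a display the malware cannot control (the token, not the browser).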

ComScore: E-Commerce Sales Rise

E-Commerce Sales Rise by 5 Percent to Reach $27 Billion for the 2009 Holiday Shopping Season thru Christmas Eve


  • Season Features Early Start and a Strong Finish

  • Larger Retailers Outperform Smaller Ones

  • Consumer Electronics Category Shows Strongest Growth

RESTON, VA, December 30, 2009 – comScore (NASDAQ : SCOR), a leader in measuring the digital world, today reported retail e-commerce spending for the holiday season from November 1 through Christmas Eve. During this period, approximately $27 Billion was spent online, which represents an increase of 5 percent over the same period a year ago. For the period from Black Friday through Christmas Eve, and after adjusting for the additional shopping day in 2009, sales grew by approximately 3.5 percent.

2009 Holiday Season vs. 2008 – Non-Travel (Retail) Spending
Excludes Auctions and Large Corporate Purchases; Total U.S. – Home/Work/University Locations
Source: comScore, Inc.

Columns: Millions ($) / Percent Change (figures not preserved in this copy)

  • November 1 – December 24

  • Thanksgiving Day (Nov. 26)

  • Black Friday (Nov. 27)

  • Cyber Monday (Nov. 30)

  • Green Monday (Dec. 14)

  • Tuesday, Dec. 15

  • Weekend of Dec 19 – 20 (winter storm)

*Individual days and weekends are compared to corresponding shopping days in 2008

“Following last year’s disappointing performance when sales fell by 3 percent, the e-commerce sector saw a positive 2009 holiday shopping season with sales up by 5 percent,” said comScore chairman Gian Fulgoni. “Online sales growth this year was driven by a continued increase in the number of people buying online, but consumers’ economic challenges resulted in a slight decline versus last year in the amount spent per buyer. The season featured a strong start as a result of early retailer promotions and a very strong finish helped by the snow storms that occurred the weekend of Dec 19 – 20, retailers’ willingness to offer free shipping later in the season, and consumers’ confidence in expedited shipping arriving in time. This was also a year when retailers substantially boosted their use of social network marketing and the larger retailers significantly outperformed their smaller brethren. In these tough economic times, the retailers with sufficient financial resources and a willingness to invest in aggressive marketing and free shipping offers were clear winners. In terms of individual product categories, consumer electronics saw particularly strong sales growth of slightly over 20 percent, while jewelry and watches also turned in a strong performance, but which followed a very weak 2008 season.”

About comScore

comScore, Inc. (NASDAQ: SCOR) is a global leader in measuring the digital world and preferred source of digital marketing intelligence. For more information, please visit


Andrew Lipsman

Director, Marketing Communications

comScore, Inc.

+1 312 775 6510

Flushing Financial Corporation Announces the Repurchase of the Outstanding Warrant Issued to the Treasury Under TARP

December 30, 2009: 03:00 PM ET

LAKE SUCCESS, N.Y., Dec. 30, 2009 (GLOBE NEWSWIRE) -- Flushing Financial Corporation (the "Company") (Nasdaq:FFIC), the parent holding company for Flushing Savings Bank, FSB (the "Bank"), announced today that it repurchased the warrant to purchase 375,806 shares of its common stock issued to the U.S. Treasury under the Capital Purchase Program of the Troubled Asset Relief Program ("TARP").

The original warrant granted to the Treasury under the same program was reduced by one-half from 751,611 shares to 375,806 shares as a result of the completion of the Company's successful public stock offering on September 22, 2009. The Company repurchased the warrant for $900,000.

John R. Buran, the Company's President and Chief Executive Officer, stated: "We are happy to have completed the final phase of our TARP-relationship with the U.S. Treasury following a recommendation by our regulator, the Office of Thrift Supervision. We have been negotiating with the U.S. Treasury over the past month for the repurchase of the warrant and are pleased with the outcome."

"Throughout this recession we have continued to be a well-capitalized financial company with strong earnings. We have been actively lending and growing our deposit base in our New York Metropolitan market. We look forward to the future growth of our franchise."

About Flushing Financial Corporation

Flushing Financial Corporation is the parent holding company for Flushing Savings Bank, FSB, a federally chartered stock savings bank insured by the Federal Deposit Insurance Corporation. The Bank serves consumers and businesses by offering a full complement of deposit, loan, and cash management services through its fifteen banking offices located in Queens, Brooklyn, Manhattan, and Nassau County. The Bank also operates an online banking division, which enables the Bank to expand outside of its current geographic footprint. In 2007, the Bank established Flushing Commercial Bank, a wholly-owned subsidiary, to provide banking services to public entities including counties, cities, towns, villages, school districts, libraries, fire districts and the various courts throughout the metropolitan area.

Additional information on Flushing Financial Corporation may be obtained by visiting the Company's website at

CONTACT:  Flushing Financial Corporation
David W. Fry, Executive Vice President
and Chief Financial Officer

Technology Credit Union Selects New President/CEO

Seasoned Financial Executive With Strong Ties to High-Tech Community Takes the Helm on January 6, 2010

SAN JOSE, CA--(Marketwire) - Technology Credit Union announced today that Barbara B. Kamm will be joining the organization on January 6, 2010, as its new President/CEO, replacing Ken Burns who left in May of 2009.

Kamm has had a long and accomplished career in banking, starting at First Interstate Bank in Los Angeles where she ran credit training for the bank's branch system. She next headed commercial lending at Marine National Bank, a de novo bank in Irvine, CA, and opened and managed the Orange County office of National Bank of Long Beach. Kamm joined Silicon Valley Bank in Southern California and became the regional manager there before moving to Northern California as the bank's Chief Administrative Officer.

During her 10 years with Silicon Valley Bank, Kamm worked with many entrepreneurs, start-up businesses, venture capitalists, and industry associations to meet the financial needs of the technology community. Most recently she operated her own Bay Area-based consulting firm to provide strategic, organizational and financial assistance to young tech companies and financial institutions. Among her clients was New Resources Bank of San Francisco, where she advised the Board through a CEO transition.

"Speaking on behalf of the Board of Directors, I am very pleased to welcome Barbara Kamm as Technology Credit Union's new President/CEO as we begin a new year," said Mical Atz Brenzel, Chairman of the Board. "With her extensive banking and management experience, she is an excellent choice to lead Tech CU during these challenging economic times."

"I'm excited to have the opportunity to serve as Tech CU's new President/CEO as we enter a new decade," said Kamm. "With this credit union's distinguished 50-year history of serving the technology community in Silicon Valley, I look forward to continuing to grow our brand and deliver the highest level of service possible to our members."

ABOUT TECHNOLOGY CREDIT UNION

Technology Credit Union is a full-service financial institution serving individuals who work, live, go to school or regularly worship in Santa Clara, Alameda, Contra Costa, Santa Cruz, San Mateo and San Francisco counties. Tech CU was started in 1960 and is now among the top 1 percent of the nation's largest credit unions. It is recognized as one of the best managed and strongest financial institutions in the country, as indicated by Tech CU's 5-star rating from Bauer Financial, the nation's largest independent rating service for banks and credit unions. With more than 77,000 members, over $1 billion in assets and 10 full-service branches around the Bay Area, Tech CU is a leader in the credit union industry. For more information, visit

9 of 10 People Want More Security Protection from Banks...HomeATM Delivers!

http://www.mintel.com

Recession Increases People’s Fear of Identity Theft

CHICAGO--(BUSINESS WIRE)--As if the global recession, struggling housing market and high unemployment numbers weren’t enough, market research firm Mintel reveals that Americans increasingly fret about having their identities stolen.

Nine in 10 people told Mintel that protection against identity theft and illegal account access was very or somewhat important to them when selecting a bank.


Nearly half of adults (46%) say they’re more worried about someone stealing funds from their bank accounts or stealing their identities. Perhaps because of the belief that desperate times lead to desperate measures, or maybe because each dollar is more precious this year, security and identity theft are top concerns for today’s consumers.

Susan Menke, behavioral economist at Mintel Comperemedia, comments:

“Some consumers worry that, because of economic concerns this year, banks aren't paying as much attention to security and identity theft issues as they have in the past. So banks need to reassure their customers that they're being well taken care of.

Focusing on security and identity theft protection capabilities can give banks and credit unions a competitive edge and strengthen customer relationships.”

  • Identity theft protection is very important to consumers, especially when choosing which banks to do business with.


  • Among small business owners, 42% rank identity theft protection as one of the top three factors they’d consider when obtaining a new business credit or debit card.

“As banks launch new financial products and services like mobile banking, they need to be mindful of people’s concern about security. One way to improve acceptance of new products is for banks to convince customers that their personal information will remain safe and protected,” states Susan Menke.

Visit Mintel Comperemedia’s blog for the latest direct marketing trend analysis:

About Mintel Comperemedia

Mintel Comperemedia provides competitive intelligence for businesses looking to advance and improve their direct marketing strategy. Tracking direct marketing (including mail, email and print advertising) targeted at consumers, small businesses and insurance agents, Mintel Comperemedia offers a unique perspective on everything from banking trends to insurance trends to credit card statistics. For more than 35 years, Mintel has provided insight into key worldwide trends, leading the industry for consumer, product and media intelligence. Follow Mintel on Twitter:

Cyber Crime Defined

Here is a list of terms you need to know when it comes to understanding Cyber Crime.  

Address Munging: the practice of disguising, or munging, an e-mail address to prevent it being automatically collected and used as a target by people and organizations who send unsolicited bulk e-mail.

Adware: or advertising-supported software is any software package which automatically plays, displays, or downloads advertising material to a computer after the software is installed on it or while the application is being used. Some types of adware are also spyware and can be classified as privacy-invasive software.

Ass Swipe: a stupid way to make a purchase online. Someone who types their card numbers into boxes on websites in a browser. (Okay, I made that one up.)

Backdoor:
in a computer system (or cryptosystem or algorithm), a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice), or could be a modification to an existing program or hardware device.

Backscatter (also known as outscatter, misdirected bounces, blowback or collateral spam):
a side-effect of e-mail spam, viruses and worms, where email servers receiving spam and other mail send bounce messages to an innocent party. This occurs because the original message’s envelope sender is forged to contain the e-mail address of the victim. A very large proportion of such e-mail is sent with a forged From: header, matching the envelope sender.  Since these messages were not solicited by the recipients, are substantially similar to each other, and are delivered in bulk quantities, they qualify as unsolicited bulk email or spam. As such, systems that generate e-mail backscatter can end up being listed on various DNSBLs and be in violation of internet service providers’ Terms of Service.

Black Hat:
the villain or bad guy, especially in a western movie in which such a character would wear a black hat in contrast to the hero’s white hat. The phrase is often used figuratively, especially in computing slang, where it refers to a hacker that breaks into networks or computers, or creates computer viruses.

Bluebugging:
a form of Bluetooth attack. A Bluebug program allows the user to “take control” of the victim’s phone. Not only can they make calls, they can send messages, essentially do anything the phone can do. This also means that the Bluebug user can simply listen to any conversation his victim is having in real life.

Bluejacking:
the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers.

Bluesnarfing:
the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs. This allows access to a calendar, contact list, emails and text messages, and on some phones users can steal pictures and private videos.

Botnet:
a jargon term for a collection of software robots, or bots, that run autonomously and automatically. They run on groups of zombie computers controlled remotely.

Click fraud:
a type of internet crime that occurs in pay per click online advertising when a person, automated script, or computer program imitates a legitimate user of a web browser clicking on an ad, for the purpose of generating a charge per click without having actual interest in the target of the ad’s link. Click fraud is the subject of some controversy and increasing litigation due to the advertising networks being a key beneficiary of the fraud.

Computer Virus:
a computer program that can copy itself and infect a computer without permission or knowledge of the user. The term “virus” is also commonly used, albeit erroneously, to refer to many different types of malware and adware programs.

Computer Worm:
a self-replicating computer program. It uses a network to send copies of itself to other nodes (computer terminals on the network) and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.

Many worms have been created which are only designed to spread, and don’t attempt to alter the systems they pass through. However, as the Morris worm and Mydoom showed, the network traffic and other unintended effects can often cause major disruption. A “payload” is code designed to do more than spread the worm – it might delete files on a host system (e.g., the ExploreZip worm), encrypt files in a cryptoviral extortion attack, or send documents via e-mail. A very common payload for worms is to install a backdoor in the infected computer to allow the creation of a “zombie” under control of the worm author – Sobig and Mydoom are examples which created zombies. Networks of such machines are often referred to as botnets and are very commonly used by spam senders for sending junk email or to cloak their website’s address.

Crapflooding:
the practice of disrupting online media such as discussion websites or Usenet newsgroups with nonsensical, inane, and/or repetitive postings (flooding with crap) in order to make it difficult for other users to read other postings. It can also be motivated by a desire to waste the targeted site’s bandwidth and storage space with useless text.

Cyberstalking:
repeatedly sending messages that include threats of harm or are highly intimidating; engaging in other online activities that make a person afraid for his or her safety.

Denial-of-Service Attack (DoS attack) or Distributed Denial-of-Service Attack (DDoS attack):
an attempt to make a computer resource unavailable to its intended users. Although the means to, motives for, and targets of a DoS attack may vary, it generally consists of the concerted, malevolent efforts of a person or persons to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely.

E-mail spoofing:
a term used to describe fraudulent email activity in which the sender address and other parts of the email header are altered to appear as though the email originated from a different source. E-mail spoofing is a technique commonly used for spam e-mail and phishing to hide the origin of an e-mail message.

False flag operations:
covert operations conducted by governments, corporations, or other organizations, which are designed to appear like they are being carried out by other entities.

Flaming:
online fights using electronic messages with angry and vulgar language.

Griefers:
differ from typical players in that they do not play the game in order to achieve objectives defined by the game world. Instead, they seek to harass other players, causing grief. In particular, they may use tools such as stalking, hurling insults, and exploiting unintended game mechanics. Griefing as a gaming play style is not simply any action that may be considered morally incorrect.

Hacker:
someone involved in computer security/insecurity, specializing in the discovery of exploits in systems (for exploitation or prevention), or in obtaining or preventing unauthorized access to systems through skills, tactics and detailed knowledge. In the most common general form of this usage, “hacker” refers to a black-hat hacker (a malicious or criminal hacker).

Internet Bots:
also known as web robots, WWW robots or simply bots, are software applications that run automated tasks over the Internet.

Internet troll (or simply troll in Internet slang):
someone who posts controversial and usually irrelevant or off-topic messages in an online community, such as an online discussion forum or chat room, with the intention of baiting other users into an emotional response or to generally disrupt normal on-topic discussion.

Joe Job:
a spam attack using spoofed sender data. Aimed at tarnishing the reputation of the apparent sender and/or induce the recipients to take action against him (see also e-mail spoofing).

Keystroke Logging (often called keylogging):
a method of capturing and recording user keystrokes. Keylogging can be useful to determine sources of errors in computer systems, to study how users interact with and access systems, and is sometimes used to measure employee productivity on certain clerical tasks. Such systems are also highly useful for law enforcement and espionage, for instance providing a means to obtain passwords or encryption keys and thus bypassing other security measures.

Lurker:
a person who reads discussions on a message board, newsgroup, chatroom, file sharing or other interactive system, but rarely participates.

Malware:
software designed to infiltrate or damage a computer system without the owner’s informed consent. The term is a portmanteau of the words malicious and software. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.

Man in the Middle Attacks:
real-time hacking, such as intercepting OTPs (one-time passwords).

Money Mule:
a person who transfers money and reships high value goods that have been fraudulently obtained in one country, usually via the internet, to another country, usually where the perpetrator of the fraud lives. The term money mule is formed by analogy with drug mules.

The need for money mules arises because while a criminal in a developing country can obtain the credit card numbers, bank account numbers, passwords and other financial details of a victim living in the first world via the internet through techniques such as malware and phishing, turning those details into money usable in the criminal’s own country can be difficult. Many businesses will refuse to transfer money or ship goods to certain countries where there is a high likelihood that the transaction is fraudulent. The criminal therefore recruits a money mule in the victim’s country who receives money transfers and merchandise and resends them to the criminal in return for a commission.

Nigerian 419 Fraud Scheme (or an advance fee fraud):
a confidence trick in which the target is persuaded to advance relatively small sums of money in the hope of realizing a much larger gain.

Peer to Peer (or "P2P"):
computer network that uses diverse connectivity between participants in a network and the cumulative bandwidth of network participants rather than conventional centralized resources where a relatively low number of servers provide the core value to a service or application. P2P networks are typically used for connecting nodes via largely ad hoc connections. Such networks are useful for many purposes. Sharing content files (see file sharing) containing audio, video, data or anything in digital format is very common, and realtime data, such as telephony traffic, is also passed using P2P technology.

Pharming (pronounced farming):
a hacker's attack aiming to redirect a website's traffic to another, bogus website.

Phishing:
an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. PayPal, eBay and online banks are common targets. Phishing is typically carried out by e-mail or instant messaging, and often directs users to enter details at a website, although phone contact has also been used.

Phreaking:
a slang term coined to describe the activity of a subculture of people who study, experiment with, or explore telecommunication systems, like equipment and systems connected to public telephone networks. The term “phreak” is a portmanteau of the words “phone” and “freak”. It may also refer to the use of various audio frequencies to manipulate a phone system. “Phreak”, “phreaker”, or “phone phreak” are names used for and by individuals who participate in phreaking. Additionally, it is often associated with computer hacking. This is sometimes called the H/P culture (with H standing for Hacking and P standing for Phreaking).

Pigeon Drop:
the name of a confidence trick in which a mark or “pigeon” is convinced to give up a sum of money in order to secure the rights to a larger sum of money, or more valuable object. In reality the scammers make off with the money and the mark is left with nothing.

Piggybacking:
a term used to refer to access of a wireless internet connection by bringing one’s own computer within the range of another’s wireless connection, and using that service without the subscriber’s explicit permission or knowledge. It is a legally and ethically controversial practice, with laws that vary in jurisdictions around the world. While completely outlawed in some jurisdictions, it is permitted in others. Piggybacking is used as a means of hiding illegal activities, such as downloading child pornography or engaging in identity theft. This is one main reason for controversy.

Pod Slurping:
the act of using a portable data storage device such as an iPod digital audio player to illicitly download large quantities of confidential data by directly plugging it into a computer where the data is held, and which may be on the inside of a firewall. As these storage devices become smaller and their storage capacity becomes greater, they are becoming an increasing security risk to companies and government agencies. Access is gained while the computer is unattended.

Rootkit:
a program (or combination of several programs) designed to take fundamental control (in Unix terms “root” access, in Windows terms “Administrator” access) of a computer system, without authorization by the system’s owners and legitimate managers. Access to the hardware (i.e., the reset switch) is rarely required as a rootkit is intended to seize control of the operating system running on the hardware. Typically, rootkits act to obscure their presence on the system through subversion or evasion of standard operating system security mechanisms. Often, they are also Trojans as well, thus fooling users into believing they are safe to run on their systems. Techniques used to accomplish this can include concealing running processes from monitoring programs, or hiding files or system data from the operating system.

Scam Baiting:
the practice of pretending interest in a fraudulent scheme in order to manipulate a scammer. The purpose of scam baiting might be to waste the scammers’ time, embarrass him or her, cause him or her to reveal information which can be passed on to legal authorities, get him or her to waste money, or simply to amuse the baiter.

Script kiddie (occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar):
a derogatory term used for an inexperienced malicious hacker who uses programs developed by others to attack computer systems, and deface websites.

Shareware:
a marketing method for computer software in which the software can be obtained by a user, often by downloading from the Internet or on magazine cover-disks, free of charge to try out a program before buying the full version of that program. If the “tryout” program is already the full version, it is available for a short amount of time, or it does not have updates, help, and other extras that buying the full program provides. Shareware has also been known as “try before you buy”. A shareware program is accompanied by a request for payment, and the software’s distribution license often requires such a payment.

SMiShing:
short for “SMS phishing”, an attempt to get cellular phone and mobile device owners to download a Trojan horse, virus or other malware by clicking on a link included in an SMS text message.

Sneakernet:
a tongue-in-cheek term used to describe the transfer of electronic information, especially computer files, by physically carrying removable media such as magnetic tape, floppy disks, compact discs, USB flash drives, or external hard drives from one computer to another.

information theft or data manipulation in wireless local-area networks (WLAN).

Social engineering:
the art of manipulating people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery for information gathering or computer system access, and in most cases the attacker never comes face-to-face with the victim.

Sockpuppet:
an online identity used for purposes of deception within an Internet community. In its earliest usage, a sockpuppet was a false identity through which a member of an Internet community speaks while pretending not to, like a puppeteer manipulating a hand puppet. A sockpuppet-like use of deceptive fake identities is used in stealth marketing. The stealth marketer creates one or more pseudonymous accounts, each one claiming to be owned by a different enthusiastic supporter of the sponsor’s product or book or ideology. A single such sockpuppet is a shill; creating large numbers of them to fake a “grass-roots” upswelling of support is known as astroturfing.

Software cracking:
the modification of software to remove protection methods: copy prevention, trial/demo version, serial number, hardware key, CD check or software annoyances like nag screens and adware.

Spam:
the abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages. While the most widely recognized form of spam is e-mail spam, the term is applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam, Web search engine spam, spam in blogs, wiki spam, mobile phone messaging spam, Internet forum spam and junk fax transmissions.

Spear Phishing:
Targeted versions of phishing have been termed spear phishing. Several recent phishing attacks have been directed specifically at senior executives and other high-profile targets within businesses, and the term whaling has been coined for these kinds of attacks.

Sporgery:
the disruptive act of posting a flood of articles to a Usenet newsgroup, with the article headers falsified so that they appear to have been posted by others. The word is a portmanteau of spam and forgery.

Spyware:
computer software that is installed surreptitiously on a personal computer to intercept or take partial control over the user’s interaction with the computer, without the user’s informed consent.

While the term spyware suggests software that secretly monitors the user’s behavior, the functions of spyware extend well beyond simple monitoring. Spyware programs can collect various types of personal information, such as Internet surfing habits and sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software, redirecting Web browser activity, blindly accessing websites that will cause more harmful infections, or diverting advertising revenue to a third party. Spyware can even change computer settings, resulting in slow connection speeds, different home pages, and loss of Internet access or other programs.

Stealware:
a type of software that effectively transfers money owed to a website owner to a third party. Specifically, stealware uses an HTTP cookie to redirect the commission ordinarily earned by the site for referring users to another site.

Trojan horse (or simply Trojan)
:  a piece of software which appears to perform a certain action but in fact performs another such as transmitting a computer virus. Contrary to popular belief, this action, usually encoded in a hidden payload, may or may not be actually malicious, but Trojan horses are notorious today for their use in the installation of backdoor programs. Simply put, a Trojan horse is not a computer virus. Unlike such malware, it does not propagate by self-replication but relies heavily on the exploitation of an end-user (see Social engineering).

Vishing:
the criminal practice of using social engineering and Voice over IP (VoIP) to gain access to private personal and financial information from the public for the purpose of financial reward. The term is a combination of “voice” and phishing. Vishing exploits the public’s trust in landline telephone services, which have traditionally terminated in physical locations which are known to the telephone company and associated with a bill-payer. The victim is often unaware that VoIP allows for caller ID spoofing, inexpensive, complex automated systems and anonymity for the bill-payer. Vishing is typically used to steal credit card numbers or other information used in identity theft schemes from individuals.

VoIP Spam:
the proliferation of unwanted, automatically-dialed, pre-recorded phone calls using Voice over Internet Protocol (VoIP). Some pundits have taken to referring to it as SPIT (for “Spam over Internet Telephony”).

War dialing:
a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for unknown computers, BBS systems or fax machines. Hackers use the resulting lists for various purposes.

Wardriving:
the act of searching for Wi-Fi wireless networks by a person in a moving vehicle using such items as a laptop or a PDA.

Warspying:
detecting and viewing wireless video, usually done by driving around with an X10 receiver. Warspying is similar to “Wardriving”, only with wireless video instead of wireless networks.

Web crawler (also known as a web spider or web robot or – especially in the FOAF community – web scutter):
a program or automated script which browses the World Wide Web in a methodical, automated manner. Other less frequently used names for web crawlers are ants, automatic indexers, bots, and worms. This process is called web crawling or spidering. Many sites, in particular search engines, use spidering as a means of providing up-to-date data.

White Hat:
the hero or good guy, especially in computing slang, where it refers to an ethical hacker who focuses on securing and protecting IT systems. Such people are employed by computer security companies, where these professionals are sometimes called sneakers. Groups of these people are often called tiger teams.

Zombie computer (often shortened as Zombie):
a computer attached to the Internet that has been compromised by a hacker, a computer virus, or a Trojan horse. Generally, a compromised machine is only one of many in a Botnet, and will be used to perform malicious tasks of one sort or another under remote direction.

TSYS to Broadcast Fourth-Quarter 2009 Results

COLUMBUS, Ga.--(BUSINESS WIRE)--TSYS will issue its fourth-quarter earnings report on January 20, 2010, at approximately 4:00 p.m. EST. A conference call to discuss these results, business trends and future projections will be held on January 20, 2010 at 5:00 p.m. EST. Shareholders and other interested persons may listen to this conference call via simultaneous internet broadcast at by clicking on the “conference call” icon on the home page. You must download Windows Media Player (free download available) before accessing the conference call or the replay. The conference call will be archived for 12 months and will be available starting 30 to 45 minutes after the call ends.

About TSYS

TSYS (NYSE: TSS) is one of the world’s largest companies for outsourced payment services, offering a broad range of issuer- and acquirer-processing technologies that support consumer-finance, credit, debit, healthcare, loyalty and prepaid services for financial institutions and retail companies in the Americas, EMEA and Asia-Pacific regions. For more information contact or log on to TSYS routinely posts all important information on its website.


TSYS Investor Relations

Shawn Roberts, +1.706.644.6081

At A Glance

Headquarters: Columbus, GA
CEO: Philip Tomlinson
Employees: 8,110
Ticker: TSS  (NYSE)
Revenues: $1.9 billion (2008)
Net Income: $250 million (2008)
Source: via Business Wire
Updated   07/07/2009   by company


More CUs Need to Offer Cards, Other Payment Methods, Paper Urges

By David Morrison

A paper authored by Card Services for Credit Unions and Callahan & Associates seeks to guide more credit unions into adopting a broader array of payment services for their members.

CSCU is the association of credit unions that process their card accounts with Fidelity National Information Systems. Callahan & Associates is a noted CU consultancy.

The paper, “The Payment Revolution: How Payment Strategies Impact Your Credit Union’s Future,” describes a gap in the payment options offered by the largest and smallest credit unions by assets, noting that of the nation’s 153 credit unions with more than $1 billion in assets as of March 2009, nearly all offer credit cards, checking accounts and bill pay. Mobile banking, offered by one-third of the large credit unions, is growing quickly.

For credit unions below $20 million in assets, the statistics are different, the report said. Just over half offer checking accounts, and less than 30% manage a credit card program. Mobile banking among the credit unions below $20 million is rare.

“Increasing convenience for members and building long-term relationships are the dual goals of most payment systems. Understanding the offerings and recognizing opportunities based on your membership will be the foundation of future growth and success,” the report said.

The chief payment methods that the report recommended credit unions adopt were credit cards and debit cards. Not only did credit cards represent 33% of all noncash payments in the economic-crisis year of 2008, they also have an importance to CUs beyond that of their balances.

“Credit cards are a key driver of member relationships and one of the fastest growing loan products,” the paper noted. Credit cards have provided credit unions with an ability to help their members meet needs that other financial institutions have retreated from, by keeping CU card programs lending as other issuers canceled cards, hiked interest rates or limited credit lines. Furthermore, the report added, the cards have allowed credit unions a means for cross selling their other loan products.

“For example, Northeast Credit Union [ a $600 million CU in Portsmouth, N.H.] offers a 50 basis point reduction on an auto loan when the member qualifies and takes a credit card,” the report said, adding that Callahan’s data showed that those credit unions that have a higher penetration in credit cards also have a higher usage of other credit union products.

“Credit unions with 25% or higher credit card penetration have members using, on average, 2.74 loan and share accounts each. Credit unions with a credit card penetration of less than 10% have members using just 2.08 accounts each on average,” the report said.

The two organizations also sought to put CU concerns over card delinquency into context, reporting that CU credit card delinquency, even in this recessionary year, still dramatically lags where it was a decade ago as a proportion of overall CU delinquencies.

But the report also urged credit unions with existing card portfolios to carefully and thoughtfully re-score their card portfolios to reflect members’ changing risk profiles. The report cited the experience of the SAFE credit union, headquartered in North Highlands, Calif.

With 35,000 accounts, SAFE adopted an approach of using the service bureaus to help develop a targeted approach to re-scoring card accounts that lets it effectively deploy its resources. “We’re not Bank of America. We don’t have a huge staff to do this work,” the report quoted SAFE CEO Henry Wirz. “By doing it every two months, we have a bigger list to work on, but it is more efficient.”

3 Billion Cell Phones Vulnerable to "Hacking Rings"


Researchers Prepare Practical Demonstration Of GSM Encryption Cracking Technology

GSM calls can be intercepted and decoded using low-cost hardware and open-source software, researchers say

By Tim Wilson  DarkReading

Two security researchers on Wednesday will demonstrate methods for intercepting and decoding calls and data transmitted over the popular GSM mobile network technology. Security researchers Karsten Nohl and Chris Paget presented their findings in a presentation (WMV video) Monday at the 26th Chaos Communication Congress (CCC) in Berlin. A practical demonstration of the vulnerabilities and potential exploits is scheduled to take place at the conference on Wednesday at 12:00 GMT.

The demonstration is a follow-up to a presentation the two researchers made in August at the Hacking At Random conference, during which they outlined serious flaws in the GSM encryption scheme.

GSM is used in approximately 80 percent of the world's mobile communications systems, and in about 3 billion cell phones across the globe, according to industry estimates. In his CCC presentation yesterday, Nohl pointed out that much data has already been published about GSM's vulnerabilities, but the pair's new research takes it one step further -- by showing how GSM calls can be intercepted and decoded using relatively low-cost ($1500) hardware and open-source software that is readily available on the Web.

"We just wanted to move all of this into the open domain so you can try it at home," Nohl joked.

Continue Dark Reading

Hacker Pleads Guilty


Albert Gonzalez a.k.a. "Soup Nazi" pleaded guilty Tuesday to conspiring to hack into computer networks of major U.S. retail and financial organizations and to steal data related to tens of millions of credit and debit cards.

Prosecutors have called it the largest credit and debit card data breach ever charged in the U.S.

According to the plea agreement, Gonzalez, 28, of Miami will be sentenced to between 17 and 25 years in prison and his sentences in two separate cases will run concurrently.

On Tuesday, he pleaded guilty in federal court in Boston to two counts of conspiracy to gain unauthorized access to the payment card networks operated by, among others, Heartland Payment Systems Inc. (HPY), a New Jersey-based card processor; 7-Eleven, a Texas-based nationwide convenience store chain; and Hannaford Brothers Co., a Maine-based supermarket chain.

Gonzalez, also known as "segvec," "soupnazi" and "j4guar17," in September also pleaded guilty to 19 counts of conspiracy, computer fraud, wire fraud, access device fraud and aggravated identity theft relating to hacks into numerous major U.S. retailers, including TJX Cos. (TJX), BJ's Wholesale Club Inc. (BJ), OfficeMax Inc. (OMX), Boston Market, Barnes & Noble Inc. (BKS) and Sports Authority Inc. (TSA). In addition, he pleaded guilty in September to one count of conspiracy to commit wire fraud relating to hacks into the Dave & Buster's Inc. (DAB) restaurant chain.

Sentencing is scheduled for March 18 and 19 in Boston, where he remains in custody.

According to information contained in the plea agreement, Gonzalez leased or controlled several servers and allowed other hackers access to them, knowing they would use them to store malicious software and launch attacks against corporate victims.

McAfee: Facebook, Twitter & Online Banking Platforms of Choice for Hackers

http://www.mcafee.com

McAfee Labs Predicts Facebook, Twitter Will Be Platforms of Choice for Emerging Threats

McAfee Also Foresees HTML 5 Will Attract Attackers, Increased Online Banking Trojan Sophistication 

SANTA CLARA, Calif.--(BUSINESS WIRE)--McAfee Inc. (NYSE:MFE) today unveiled its 2010 Threat Predictions report. McAfee Labs believes cybercriminals will target social networking sites and third-party applications, use more complex Trojans and botnets to build and execute attacks, and take advantage of HTML 5 to create emerging threats. McAfee Labs also predicts 2010 will be a good year for law enforcement’s fight against cybercrime.

“Over the past decade, we’ve seen a tremendous improvement in the ability to successfully monitor, uncover, and stop cybercrime,” said Jeff Green, senior vice president of McAfee Labs. “We’re now facing emerging threats from the explosive growth of social networking sites, the exploitation of popular applications and more advanced techniques used by cybercriminals, but we’re confident that 2010 will be a successful year for the cybersecurity community.”  (We'll See)

McAfee Labs Threat Predictions for 2010:

Social Networks Will Be Platform of Choice for Emerging Threats

Facebook, Twitter, and third-party applications on these sites are rapidly changing the criminal toolkit, giving cybercriminals new technologies to work with and hot spots of activity that can be exploited. Users will become more vulnerable to attacks that blindly distribute rogue apps across their networks, and cybercriminals will take advantage of friends trusting friends to get users to click on links they might otherwise treat cautiously. The use of abbreviated URLs on sites like Twitter makes it even easier for cybercriminals to mask and direct users to malicious Web sites. McAfee Labs predicts that cybercriminals will increasingly use these tactics across the most popular social networking sites in 2010.

Web Evolution Will Give Cybercriminals New Opportunities to Write Malware

The release of Google Chrome OS and the technological advancements of HTML 5 will continue to shift user activity from desktop to online applications, creating yet another opportunity for malware writers to prey on users. HTML 5’s anticipated cross-platform support also provides an additional motivation for attackers, enabling them to reach users of many mainstream browsers.

Banking Trojans, Email Attachments Delivering Malware Will Rise in Volume, Sophistication

McAfee Labs warns that banking Trojans, having demonstrated new tactics in 2009, will become even more sophisticated in 2010 and easily get around current protections used by banks. New techniques include a Trojan’s ability to silently interrupt a legitimate transaction to make an unauthorized withdrawal and simultaneously check the user’s transaction limits to stay below them and avoid alerting the bank. Email attachments, a longstanding delivery method for malware, will continue to rise in volume and increasingly target corporations, journalists, and individual users.   Editor's Note:  See my related post:

Banking Trojans Grow Smarter...Will Online Banks Do the Same?

Cybercriminals Continue to Target Adobe Reader, Flash

In 2009, McAfee Labs saw an increase in attacks targeting client software. Due to the growing popularity of Adobe applications, McAfee Labs expects that cybercriminals will continue to target Adobe products, primarily Acrobat Reader and Flash, two of the most widely deployed applications in the world. McAfee Labs expects Adobe product exploitation will likely surpass that of Microsoft Office applications in 2010.

Botnet Infrastructure Shifts from Centralized Model to Peer-to-Peer Control

Botnets, the versatile infrastructure that launches nearly every type of cyberattack from spamming to identity theft, will continue to use a seemingly infinite supply of stolen computing power and bandwidth around the globe. Following a number of successful botnet takedowns, including the McColo ISP, botnet controllers must adjust to the increasing pressure cybersecurity professionals are placing on them. In 2010, McAfee Labs expects to see a significant adoption of peer-to-peer control, a distributed and resilient botnet infrastructure, rather than the centralized hosting model that we see today. For cybercriminals, the benefits will finally outweigh the costs of the peer-to-peer model, due to the security community’s increasingly aggressive attempts to shut down and deny access to botnets.

Cybercrime: A Good Year for Law Enforcement

Next year marks a decade in the fight that international law enforcement agencies have undertaken against cybercrime. McAfee Labs has seen significant progress in the universal effort to identify, track, and combat cybercrime by governments worldwide. McAfee believes that in 2010 we’ll see many more successes in the pursuit of cybercriminals.

For a full copy of the 2010 McAfee Labs Threat Predictions, please visit:

About McAfee, Inc.

McAfee, Inc., headquartered in Santa Clara, California, is the world's largest dedicated security technology company. McAfee is committed to relentlessly tackling the world's toughest security challenges. The company delivers proactive and proven solutions and services that help secure systems and networks around the world, allowing users to safely connect to the Internet, browse, and shop the web more securely. Backed by an award-winning research team, McAfee creates innovative products that empower home users, businesses, the public sector, and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security.

NOTE: McAfee is a registered trademark or trademark of McAfee, Inc. or its subsidiaries in the United States and other countries. Other marks and brands may be claimed as the property of others. © 2009 McAfee, Inc. All rights reserved.
