blogs.zdnet.com— A security researcher in India is warning that Citibank's new virtual keyboard anti-phishing mechanism can be easily defeated.
May 14, 2007View in Crawl 4
It's an interesting story. Online users have false sense of securities based on untested solutions presented by our Financial Institutions. Stories like these help educate computer users, IT and Security professionals, making them aware of possible modes of attacks. There's a company called FaceTime Communications which has a purpose built solution to prevent & detect Phone-home behaving spyware, such as Key loggers. Test out their solution against what your organization is currently running...you'll be amazed by their efficacy rate, low false positives....and the best part, zero latency. I highly suggest the solution for organizations concerned with information leakage.
Is there anyway that we as end users of such software which is vulnerable can avoid being caught in a fraud situation. It does start becoming a big concern as we are all gradually moving towards complete reliance on on-line applications. I have personally almost forgotten what it is to go to a bank and wait in long queues etc. and have loved the comfort of the on-line applications. But when hackers get ahead of the security programmers in financial applications, I wonder, what can I do to help the innocent users like us? Any thoughts...?
whiteh2oratMay 14, 2007
It's an interesting story. Online users have false sense of securities based on untested solutions presented by our Financial Institutions. Stories like these help educate computer users, IT and Security professionals, making them aware of possible modes of attacks. There's a company called FaceTime Communications which has a purpose built solution to prevent & detect Phone-home behaving spyware, such as Key loggers. Test out their solution against what your organization is currently running...you'll be amazed by their efficacy rate, low false positives....and the best part, zero latency. I highly suggest the solution for organizations concerned with information leakage.
saigeethamnMay 15, 2007
Is there anyway that we as end users of such software which is vulnerable can avoid being caught in a fraud situation. It does start becoming a big concern as we are all gradually moving towards complete reliance on on-line applications. I have personally almost forgotten what it is to go to a bank and wait in long queues etc. and have loved the comfort of the on-line applications. But when hackers get ahead of the security programmers in financial applications, I wonder, what can I do to help the innocent users like us? Any thoughts...?