Breaking

Showing posts with label account hacked. Show all posts
Showing posts with label account hacked. Show all posts

Sunday, 2 April 2017

12:16

Trends:Which Practice is Convenient for banking,Mobile? or Computer?

Trends:Which Practice is Convenient for banking,Mobile? or Computer?

Mobile banking has been on the rise for the past few years for many reasons. This practice is convenient, of course, but it is also more secure than traditional banking online. Yes, you are reading that correctly. Accessing your bank's mobile site or using the bank's mobile app is safer than accessing the bank's website on a computer.

Why?
It should be no surprise that computers are big targets for scammers.

Most PCs run on an operating system from Microsoft, and these systems provide enough source code for developers to build software around, including viruses. This means that they are quite vulnerable to viruses which have been created by hackers to scam their victims. The Android OS functions the same way. However, there are millions of viruses targeting Microsoft and 10’s of thousands targeting Androids. Apple iOS provides much less code and is more secure.

Over the past ten years, criminals have learned how to easily exploit online banking sites simply by using a PC. During this time, and even before, these computers have been hacked in almost any way imaginable, which makes it vulnerable to fraudulent acts. 

Mobile banking, however, is a relatively new feature of cell phones, and because different phones have different operating systems, viruses and malware are not as prevalent, and the technology available varies widely from one manufacturer to another.

Computers are still low-hanging fruit to hackers, and mobiles are not as attractive due to the vulnerability of computers. Regardless, Androids need antivirus just like PCs do.

Also, the networks that mobile carriers have are harder for hackers to get into than it is to get into the wireless network at your home or a coffee shop.

Mobile carrier services that have 3G, 4G or LTE service have high levels of encryption and are not open to a general Internet connection. This means that you simply cannot jump onto someone else's 3G or 4G connection without a password.

When it comes to mobile banking, there is also the benefit of having additional layers of authenticity, which allows the account holder to authorize transactions via text or voice with a new code, which makes mobile banking highly secure.

Protecting Yourself From Mobile Cyber Attacks
It is possible to protect yourself from cyber criminals by keeping in mind the following guidelines when using your smartphone. These tips will help you to remain safe when banking on the go:

Only Use a Secure Network to Access the Internet -It is safest only to browse the web through a secure Wi-Fi network or through your service provider's 3G or 4G network. Never send any sensitive info, such as banking information, over a wireless network that is not secure, such as in a coffee shop or hotel.

Only Download Trustworthy Applications - When downloading apps on your mobile phone, make sure only to download them from marketplaces or other trusted sources. You should also check the feedback and reviews from others.

If possible, connect to your bank's app or site only when on a secure network. You should also only download a bank's mobile application from the bank's real website. Otherwise, Google Play or iTunes should be fine.

Remain Vigilant About Your Online Security - Make sure to keep all of your malware and anti-virus software up to date, and then back up the data. Use different passwords for all of your accounts, and never offer personal or financial information to anyone other than official employees of your bank.

Set Your Phone to Auto-Lock - Most mobile phone have a setting that will allow you to lock the phone after a set period of time.

Do Not Store Data You Need - If you cannot afford to lose something, do not store it on a mobile phone that is not secure.

Consider Using Security Software - Mobile security software allows you to lock your mobile device remotely, and it lets you delete all of your personal information in the event of loss or theft. You can also locate the device by using GPS.

Be Suspicious of Links - It is in your best interest to be suspicious of any link that comes to you on your mobile device, even if the sender appears legitimate.

Do Not Jailbreak Any iPhone - Most people who have a jailbroken iPhone or “rooted” Android could easily have an infected iPhone. Jailbreaking is when the limitations are removed, which allows users to gain full use of the operating system. When a phone is jailbroken, users can download extensions, applications, and themes that are not available at the App Store. However, this is dangerous as it opens up the phone to dangerous viruses.

Mobile banking is becoming more popular among smartphone users, and you should try it for yourself if you haven't yet. It is extremely convenient, and if you keep the above in mind, it is also very safe.

Source:The Balance
0
By at No comments:
Labels: , , , ,

Sunday, 24 April 2016

08:26

When banks leave the front door open

When banks leave the front door open

Cyber attacks against the banking industry have soared in the last few years. And financial institutions now face 300% more attacks than any other industry. Comparatively with other industries, the financial services industry isn’t shy where it comes to cyber security investment and generally has a superior level of protection.

But this attracts a more sophisticated demographic of hacker, who will hone different types of attacks to target a bank, as they are fully aware of the rewards they could reap if they succeed.

But, given the investment banks plough into defence, how do the hackers succeed? According to the FBI, one of the key entry points for cyber criminals is to gain employee login credentials through using spam and phishing emails, key stroke loggers and remote access Trojans.

This was certainly the case for JPMorgan Chase, when, in 2014, it became the victim of the world’s biggest hit on a financial services company. This was despite having spent over $250 million and having over 1,000 of its people focused on cyber security. Hackers gained access through the computer of an employee working from home, stealing their login credentials and targeting a network server that only needed a username and password. More than 83 million customer records were compromised and although no account information was taken, the bank’s reputation took a considerable knock.

For financial institutions, the JPMorgan Chase breach highlighted a few important things. The first is the effectiveness of malware; the second is the vulnerability of workers, particularly remote workers; and thirdly, how easily hackers are able to roam around company networks once they get in. The hackers in the JP Morgan attack were “inside” for over a month before the breach was discovered.

So why is remote working such a weak spot? One reason is user authentication – over 75% of cyber attacks stem from weak or stolen passwords. In the case of JPMorgan Chase, having poor authentication in place effectively meant they left the bank’s front door open. Using phishing or key-stroke loggers, hackers can identify usernames and passwords. The proliferation of devices is also to blame – banking employees want to be able to use their smartphones and tablets to access company systems. But “bring your own device” (BYOD) has added multiple layers of complexity to security.

When you consider the risks, you can understand banks’ reticence to sanction remote working. But financial organisations can make massive productivity gains through remote working policies – allowing people to work from home, the train or when away with work gives business productivity a real boost. The question is, how do you lock it down and make it as secure as possible?

Authentication is a key consideration. As demonstrated by JPMorgan Chase, many have password only solutions and hackers use dictionary attacks or brute force attacks to get in. Others have two-factor authentication in place but even these solutions can be compromised, as they involve tokens or cards that generate pre-issued passwords based on seed files, which can be hacked.

Biometric technology is becoming more popular but it is flawed and phenomenally expensive to implement and manage. And it can be compromised. The US’s Office of Personnel and Management was recently involved in a massive cyber attack where 5.6 million fingerprints were stolen. Fingerprints, if stolen, can’t be changed.

Multi-factor authentication (MFA) is a solution that banks and insurers could consider – it captures and uses contextual data around each login to determine whether the user should be granted access, such as a user’s connection, their geographic location, a valid point of entry and time of day. If there is nothing suspicious, a one time passcode is generated in real time and sent to the employee’s mobile, allowing them to log in securely.

The cyber security threat facing banks is increasingly exponentially. And IT professionals on the front line owe it to the bank and its customers to have every solution at their fingertips to try and circumvent attacks. MFA is only part of the solution, but in terms of locking down security around authentication, they need to do the best they can.

0
By at No comments:
Labels: ,

Thursday, 17 September 2015

20:06

Account hacked, over Rs 1 cr transfered from rural bank

Account hacked, over Rs 1 cr transfered from rural bank

The suspense account of Sarva UP Gramin Bank's Khaspura branch was allegedly hacked and Rs 1.39 crore transferred to three different accounts, police said today.

The incident came to light on September 14 when one Siddharth called the bank's Awas Vikas branch asking for Rs 15 lakh from Shanu's account, who he claimed had given him a cheque of the same amount, they said.

Following this, the bank manager of Awas Vikas branch grew suspicious and called the manager of Khaspura branch, who then checked the account of various bank holders, police said.

The manager found that Rs 25 lakh had allegedly been transfered to Shanu's account in Awas Vikas branch by some unidentified person on September 11 -- from suspense account of Khaspura branch of the same bank.

Also, Rs 24 lakh was allegedly transfered to one Shashank's account in Awas Vikash branch from Khaspura branch of the same bank.

Similarly, Rs 45 lakh was 'transfered twice' to an account of Amit Kumar in Muzzafarnagar's Charthawal branch of the same bank.

Regional branch manager, Ashutosh Sharma, said that besides the bank managers, other people who work at the bank also have the password of the suspense account.
City Kotwal Ajay Gautam said that the matter was being probed.

Keeping in mind the rising number of such crimes, efforts were being made to beef-up the cyber security, he added.

Source :BankingUpdates
0
By at No comments:
Labels: , , ,