US firm warns against online banking fraud
Dubai, May 26, 2011
US-based IronKey, a leader in securing data and online access, has warned financial institutions in the Middle East of the threat posed by online banking cyber-criminals using new crimeware toolkits.
IronKey is meeting with Middle East banks at the FT Summit, running on May 31 and June 1 at the Beach Rotana Hotel in Abu Dhabi, to discuss the growing issue of cyber-crime.
“While banks in the West have long been attacked by sophisticated and organised cyber-gangs, all signs indicate that Middle East banks and their clients are also at high risk,” said Jeremy Freeman, director financial services at IronKey.
“And unfortunately this has been confirmed by recent research from the Dubai Police which shows an increase in the incidence of cyber-crime in the UAE - with around 70 per cent of criminal offences perpetrated in the UAE having their origins in cyber-space.”
In the past year cyber-criminals have been carrying out ever more sophisticated attacks on banks’ customer computers to perpetrate millions in fraud. In one recent incident, a London-based cyber-gang attempted to steal over $220 million from global online banking accounts.
With crimeware toolkits such as ZeuS, SpyEye, OddJob and Sunspot easily available, cyber-criminals can create sophisticated attacks that evade detection from today’s anti-malware software, Freeman said.
In particular, Saudi Arabia and Kuwait have consistently ranked among the top countries worldwide infected with ZeuS crimeware - indicating the problem is much worse than previously thought, he added.
With each new attack, the cyber-crime gangs are steadily breaking down the effectiveness of traditional IT security and fraud prevention solutions in use by Middle East banks.
From one-time passcode authentication to SMS notifications, criminals can defeat bank security controls with attacks starting on the bank’s client computer. Leading IT security experts are raising serious questions about the effectiveness of traditional preventative anti-virus and authentication software to adequately protect access to online banking.
“There are new, sophisticated threats that are quickly being put to work by the cyber-gangs to target banks and their clients in the Middle East,” said Dave Jevans, founder and chairman of IronKey and chairman of the Anti-Phishing Working Group.
“ZeuS, SpyEye, OddJob, Sunspot, and a host of other crimeware, attack banks’ customer computers. Unfortunately anti-virus and strong authentication software has all proven ineffective in stopping online banking fraud.”
IronKey is offering trusted access for banking to Middle East banks to safeguard their clients.
Instead of trying to fight the losing battle of detecting new criminal attacks, trusted access for banking delivers a safe, secure and private environment anywhere for online banking users.
“Now’s the opportunity for Middle East banks to seize the opportunity to protect their clients before users lose faith in the security of the whole online banking system,” concluded Freeman. – TradeArabia News Service