March 15, 2005

Phishing scripting vulnerabilities increase

by brian_turner

Netcraft report in Online Banking Industry Very Vulnerable to Cross-Site Scripting Frauds that phishing attacks are becoming sophisticated enough to overcome some banking protection.

Well known banks have created an infestation of application bugs and vulnerabilities across the Internet, allowing fraudsters to insert their data collection forms into bona fide banking sites, creating convincing frauds that are undetectable to most customers.

Additionally, the Register reports in Banks ‘wasting millions’ on two-factor authentication
points to criticisms from respected security commentator, Bruce Schneier.

He decries that current banking authentification systems are based on out-dated technology such as two-factor authentification, and that banks need to look forward to implementing modern cutting-edge solutions to the modern technical problems such as phishing:

Two-factor authentication was invented a couple of decades ago against the threats of the time. Now, the threats have changed – and two-factor authentication doesn’t defend against them. It’s a waste of money.

Although he accepts there is a role to be played by current methods, he doesn’t believe that the challenges of remote authentification over the internet can be properly addressed by two-factor authentification.

On top of all that, ThisIsMoney.co.uk reports in Crooks targeting internet shoppers that Supermarkets are the latest targets in phishing scams:

The National Crime Squad’s National Hi-Tech Crime Unit (NHTCU) has told online retailers such as Sainsbury, Ocado and Tesco that they need a massive upgrade in security to counter the growing threat.

Tony Neate, the unit’s industry liaison officer, said: ‘We have warned all the big retailers that we consider them to be the next targets and are helping them to secure their sites against the attacks we think are coming. We are working with the online retailers, but are also working to educate their customers and make them aware of the problems.’

While consumer confidence has surmounted original concerns about internet security with advanced encryption protection, and internet sales growth continues to increase, the increase in phishing attacks and vendors responses to the developing threats could have a definitive impact on the consumer web.

Story link: Phishing scripting vulnerabilities increase

Add to Bookmarks:

 

 

 

• Recent Posts

  • Windows 7 SP1 just a minor update
  • Commodore 64 is reborn
  • Small businesses at greatest risk from cyber crime
  • 26% of UK youngsters have tried hacking
  • Whitevector maps social media for marketing and brand management

• Most read today

  • Forum admins warned on new wave of spam
  • How Google destroyed $1 billion of United Airlines
  • How to combat spam on vbulletin forums
  • Hurricane on Wall St: Lehman bust; Merrill bought
  • Basic install and optimisation of a vbulletin forum