Reports released today have suggested that online hackers have found a way to ‘outwit’ the latest banking security systems. In the last year, UK banks have improved their security systems in a bid to prevent online fraud, providing their Internet-banking customers with dual-factor authentication devices. The devices issue a unique key which can be used to log into accounts for around thirty seconds, after which the key is invalidated.
HSBC, who were the first bank in the UK to provide customers with this security feature, claim on their website that the ‘SecureKey’ will help to protect customers from Internet banking fraud. “Devices like these are commonly being used for secure transactions all round the world” claims their website but customers from all banks are still falling into traps.
After entering their unique pin information into the bank’s real website customers are offered ‘training’ in a new ‘upgraded security system’. By simply clicking on this link, hackers can access the customer’s account and move the money, whilst hiding this from the user.
Whilst experts have advised that customers should use up-to-date anti virus software it has been suggested that even this may not protect users. Banks and organisations working with the government to improve cyber security are continually looking at new ways to avoid this type of attack.
It is not only personal accounts that are at risk of such attacks. Businesses are equally likely to be exposed to online fraud and hacking. With an increasing number of organisations using online systems to manage their finances, businesses are more frequently becoming targets for hackers. It is evident to us at Templar Executives and StratexSystems that the solution lies not just in technology but must be holistic – building the awareness, culture and processes to create robust cyber security capability.
Training staff to be aware of such cyber attacks and knowing how to handle them if they occur is vital to modern businesses.
The BBC have issued the following advice:
How to spot if you have been infected
- If your transaction seems to be taking longer than normal, there is a chance it is going via a fraudster's system
- If you are asked for more information than normal, especially entire passwords where previously you were only asked for part, your machine may have been infected
- Computers that have been infected often slow down while malware monopolises both the process and the Internet connection
What to do if you suspect something
- Contact your bank by phone, not by email
- Tell them the time and date you believed you were accessing your bank account, if the bank's records do not match, it is likely your computer has been compromised
- In the UK, banks usually refund victims of online fraud as a matter of course
If this is a concern to you, personally, or for your business, and you have any questions regarding online banking and hacking, please feel free to comment below and we will look into your query.
By Rebecca Beard, StratexSystems