,%20the%20world%20truly%20became%20a%20global%20village.%20The%20Internet%20started%20linking%20individuals%20and%20businesses%20and%20there%20was%20no%20question%20that%20cross%20border%20communication%20had%20entered%20a%20new%20era.%20Today,%20virtually%20no%20organization%20could%20run%20without%20the%20use%20of%20the%20Internet,%20and...){kind=link}
Eight Predictions For Online Fraud In 2010
In 1992, when the Internet domain was established and the World Wide Web released
by Conseil Europen pour la Recherche Nuclaire (CERN), the world truly became a global village. The Internet started linking individuals and businesses and there was no question that cross border communication had entered a new era. Today, virtually no organization could run without the use of the Internet, and increasingly more companies are seeing the benefits of leveraging the public cloud and Web 2.0 in businessesNothing is however perfect. While the Internet has enabled countless businesses since its inception, it has also become a hotbed for organized crime. Online fraud has affected millions worldwide, and hackers get better all the time at breaching security perimeters and duping users. Scarily enough, this form of attack knows no boundaries.
Gartner believes security measures such as one-time passwords and phone-based user authentication, previously considered the most robust forms of security, are no longer enough to protect online transactions. In October 2009, the FBIs Internet Crime Complaint Centre reported that cyber crooks had attempted to embezzle approximately $100 million from U.S. banks using stolen log-in credentials.
A decade into the new millennium and the problem still exists. Firewalls, anti viruses and a vigil eye can put the problem somewhat at bay, but solving it will take an even greater effort from both organizations and individuals to keep the online realm safe and beneficial for everyone.
The following are predictions from RSA, The Security Division of EMC, on the online fraud techniques we should be aware of and concerned about in 2010:
Expansion of the Dark Cloud
Enterprises should expect malware infection and Trojan attacks to intensify as fraudsters hone their ability to quickly exploit newly discovered vulnerabilities in websites and desktops. Companies will seek to gain better visibility into the Dark Cloud of cyber crime infrastructure and feed information such as stolen credentials and mule accounts directly into their back-end monitoring systems.
Tipping Point for Enterprise Fraud
At the moment, thousands of Fortune 500 and government employees computers are infected with Trojans that targeted them as consumers. A large amount of these computers are laptops that go home or on the road using secure access through a VPN. In 2010, it will not be a surprise if fraudsters develop ways to monetize these infected resources, which can lead them straight into the affected organizations networks. Bank employees will be a primary focus for these cyber criminals.
The Malware Crystal Ball
The economic downturn in 2009 means that legitimate programmers are available, making the cost to build malware cheaper so expect more of it. With formerly legitimate programmers working on code, enterprises should expect an influx of benefits into malware packages or of malware disguised as performance optimization or even PC enhancement software.
Mobile banking fraud
More customers will be enrolled in mobile banking, and more services will be offered via mobile channels. Banks in Asia and Europe are already experiencing mobile Trojans and SMS redirection attacks. We can expect the U.S. to experience the first wave of attacks towards middle of 2010. Banks will start funding the extension of their online banking protection to the mobile channel.
Web 2.0-based social engineering attacks
Companies are developing Web 2.0 functionality in order to support a growing consumer demand, but this makes them an easier target for social engineering attacks that are combined with malware. We predict that fraudsters will use fake chat programs to collect quality data from Trojan victims, fake social network-based bank applications, and direct attacks on Web 2.0 banking capabilities.
Return to Telephony Fraud
Armed with data stolen via Trojans and phishing attacks including vishing (voice phishing), smishing (SMS phishing) and spear phishing variants fraudsters around the world can call customer service departments to perform fraud called account takeover. These fraudsters often outsource the actual phone call to a multi-lingual third party services provider operating 24/7 out of Russia, since the fraudsters dont speak the language of the target bank. Caller ID spoofing is also prevalent. On a related note, expect to see an increase in new account fraud as the wealth of personal information becomes available after massive data breaches. Technologies such as knowledge-based authentication are widely deployed to defend against this growing trend.
Wildfire infection will increase exponentially
The rate of malware infection of personal computers was 10 times higher during 2009 as compared to 2008. Leading the infection methods are drive-by-download (taking over legitimate websites; routing visitors to an infection server) and social network infections (spamming a victims entire social network friend list with links to infection servers).
Massive mule recruitment
The poor economy serves as the perfect breeding ground for work from home, make lots of money scams designed to lure unsuspecting and innocent people to become mules in money laundering, online fraud and reshipping scams involving stolen e-commerce goods (a US-centric activity). Mitigation includes intercepting databases full of information on mulling schemes, as well as sharing of known mules in real-time between banks in order to leverage a network effect.
Like a deadly disease, online fraud is here to stay. But with vigilance and proper information risk management strategies in place, the Internet is a place where opportunities are limitless for individuals and businesses alike for many generations to come.
Authors Profile
Geoff Haydon, Vice President APJ, RSA, The Security Division of EMC
Geoff Haydon an Ontario University Alumnus, Vice President of Asia Pacific and Japan RSA, The Security Division of EMC. Geoff joined RSA after spending eight years in several successful EMC field and corporate leadership positions.
Prior to joining RSA, Geoff was the Director of EMC's Mid-Sized Enterprise 'Go to Market' global strategy initiative and prior to that was the Country Manager for Canada. During Geoffs twenty years career in IT, he has built and led Asia Pacific businesses on two occasions.
Based in Singapore Geoff is responsible for RSAs Asia Pacific and Japan business growth and overall strategy of implementing an information centric approach to security.
by: IT Var News How Does Video Production Impact Online Success? Consolidate Unsecured Debt Competently Via Free Debt Consolidation Program Online What Should I Ask In A Live Online Psychic Reading? Quit Smoking Online Resources And Strategies: A Terrific Way To Defeat The Dependence Trader Of World Of Warcraft Accounts Backgrounds Online Announces Launch of Retooled Website Generic Salbutamol Online, Albuterol, Asthma Where to Get the Best Hip Hop/Rap Beats Online Albuterol Online, Order Cheap Proventil, Asthma Budesonide Online, Pulmicort, Asthma, Free Prescription Lincoln College Online Summary Mark Kumar - How A Secure Online Wedding Gallery Can Help You And Yours Relive Your Special Day? What Can I Expect From A Live Online Psychic Reading?