Articles about banking security

The Register breaking news

Camby cash crypto-coders Cronto chomped on pronto by Vasco

Swiss software firm Vasco has bought Cambridge-based banking security specialist Cronto in a deal valued at up to £14.5m. Vasco will pay $19.3m (€15m, £12.7m), and a further $2.6m (€2m, £1.8m) depending on future earnings, to get its hands on the British upstart's malware-defeating technology. Its software attempts to shield …
John Leyden, 22 May 2013
The Register breaking news

Major £30m cyberheist pulled off using MOBILE malware

Cybercrooks swiped £30 million (€36m) from the banks accounts of 30,000 customers in Italy, Germany, Spain and Holland over the summer using an elaborate mobile banking fraud scam. The malware-based attack targeted both corporate and private banking users, performing automatic transfers that varied from €500€ to €250,000 to …
John Leyden, 7 Dec 2012
The Register breaking news

Cambridge boffins: Chip and PIN cards CAN be cloned – here's how

Boffins at Cambridge University have uncovered shortcomings in ATM security that might be abused to create a mechanism to clone chip-and-PIN cards. The security shortcoming might already be known to criminals and creates an explanation for what might have happened in some, otherwise baffling, "phantom" withdrawal cases. Each …
John Leyden, 13 Sep 2012
The Register breaking news

Online bank punters tricked into approving theft of their OWN CASH

Security researchers have discovered a malware-based attack against the chipTAN system used by bank customers in Germany to authorise transactions online. The chipTAN system involves the use of a card reader into which a chip-n-PIN bank card is inserted, which generates a transaction authentication number (TAN) used to green- …
John Leyden, 6 Sep 2012
The Register breaking news

Chip and PIN keypads 'easily fooled' with counterfeit cards

Black Hat 2012 Retail Chip and PIN devices might easily be attacked using a specially prepared chip-based credit card, according to security researchers. Researchers from British IT security company MWR InfoSecurity demonstrated the attack at a session during the Black Hat Security Conference in Las Vegas on Wednesday. MWR purchased the …
John Leyden, 27 Jul 2012
The Register breaking news

FBI nabs AWOL soldier for stealing Paul Allen's debit card

An alleged US Army deserter has been charged with stealing the identity of Microsoft co-founder Paul Allen to run a bank fraud scam. Brandon Price, of Pittsburgh, Pennsylvania, allegedly conned Citibank call centre workers into changing Allen’s address to that of Price’s modest home – as well as changing the phone number …
John Leyden, 28 Mar 2012
The Register breaking news

Mobile banking security bypassed in fiendish malware blag

Cyber-crooks are blagging SIM cards that allow them to circumvent mobile-based banking security measures and swipe cash from punters' accounts. Security biz Trusteer has uncovered two elaborate techniques that will defeat out-of-band authentication mechanisms such as SMS-delivered one-time passwords (OTP) for online banking …
John Leyden, 15 Mar 2012
The Register breaking news

Crap PINs give wallet thieves 1-in-11 jackpot shot

Four-digit banking PINs are almost as insecure as website passwords, according to a study by Cambridge University computer scientists. The first-ever quantitative analysis of the difficulty of guessing four-digit banking PINs estimates the widespread practice of using a date of birth as a PIN code and other factor means that …
John Leyden, 22 Feb 2012
The Register breaking news

Hackers may be able to 'outwit' online banking security devices

Hackers may already able to use malware to outwit the latest generation of online banking security devices, security watchers warn. An investigation by BBC Click underlines possible shortcomings in the extra security provided by banking authentication devices such as PINSentry from Barclays and SecureKey from HSBC. Using such …
John Leyden, 6 Feb 2012
The Register breaking news

Saudi hackers plaster 14,000 credit card privates on web

A Saudi Arabian hacking group claims it has leaked information on up to 400,000 Israelis, including names, addresses and credit card details. The data dump follows a reported attack on Israeli websites and has already led to fraudulent use of the sensitive info. Credit card biz Isracard said it had issued 6,600 of the 14,000 …
John Leyden, 4 Jan 2012
The Register breaking news

'Self-aware' bank account robbing code unleashed by hacker

A hacker has published code for potent cross-site scripting attacks that he claims go beyond the usual cookie stealing and phishing for users' private details. Cross-site scripting (XSS) flaws allow attackers to present content under their control in the context of a vulnerable yet trusted site, thus tricking marks into …
John Leyden, 16 Dec 2011
The Register breaking news

OpRobinHood more likely to stiff punters than bankers

Charities are unlikely to benefit from an Anonymous-led operation attempting to use stolen credit card details to make donations to worthwhile causes. OpRobinHood aims to defraud banks for the benefit of the majority and comes as a response by hacktivists to the crackdown on the Occupy movement. Anonymous has joined forces …
John Leyden, 2 Dec 2011
The Register breaking news

Anonymous launches OpRobinHood against banks

Anonymous and other hacktivists have joined together to launch an attack on banks in response to recent crackdowns against the Occupy protest movement. TeaMp0isoN and Anonymous are joining forces to run OpRobinHood, which will involve using stolen credit details to donate to charities and others, supposedly at the expense of …
John Leyden, 30 Nov 2011
The Register breaking news

Free and subdomain hosting lets phishing sites live longer

A growing numbers of phishers are using free domains and subdomain to register net fraud sites, a move that seem to have allowed phishing sites to stay online longer. Official figures from the Anti-Phishing Working Group (APWG) records that around 11 percent of all phishing attacks took advantage of either the free .TK domain …
John Leyden, 27 Apr 2011
The Register breaking news

Shifty scripts on Santander site prompt security fears

Updated Parent firm Santander is reassuring customers that the website of its banking subsidiary Alliance & Leicester is secure despite the presence of JavaScript on its login pages served up from recently created sites of unknown provenance. Reg reader Matt Freeman said he was prompted with a SSL certificate warning from a domain …
John Leyden, 20 Apr 2011
The Register breaking news

Trusteer vows to fight 'baseless' code-theft lawsuit

Transaction security firm Trusteer has vowed to fight a US lawsuit filed by rival developer Blue Gem Security which alleges code theft. Blue Gem is seeking unspecified damages, costs and an injunction over allegations that Trusteer plagiarised code to maintain compatibility between anti-keystroke logging software types of …
John Leyden, 7 Apr 2011
The Register breaking news

Three strikes ID fraudster jailed for 16 years

A recidivist ID theft fraudster who used a people search website to verify the authenticity of stolen social security credentials has been jailed for more than 16 years. Todd Yurgin, 41, of Newark, Delaware, earned the severe sentence because he had twice previously been convicted of federal fraud offences. In sentencing, …
John Leyden, 29 Mar 2011
The Register breaking news

iPhone-wielding chumps rush to give data to phish sites

Mobile users are three times more likely to respond to phishing scams than their PC-using counterparts, according to stats prised from fraudulent websites. An analysis of logs from several phishing websites by transaction security firm Trusteer revealed that not only were they among the first visitors to arrive at a phishing …
John Leyden, 6 Jan 2011

Create a news alert about banking security, or find more stories about banking security.

Biting the hand that feeds IT © 1998–2018