Question:  Do you still really believe it is safe to bank online by typing in your username and password instead of authenticating yourself the same way you would do at an ATM? 



According to the latest study by Symantec, up to 43 MILLION people may have voluntarily (can you say..."duped") given their bank details to the bad guys. 



Don't people know that "sharing" their username and password to "anybody" (let alone the bad guys) means that the bank won't reimburse them?  Seriously...here's an example from Wells Fargo. 




Our Guarantee


We guarantee that you will be covered for 100% of funds removed from your Wells Fargo accounts in the unlikely event that someone you haven’t authorized removes those funds through our Online Services. To qualify for this guarantee, you must follow Your Responsibilities below.


Online Services means any Wells Fargo Online® or Wells Fargo Business Online®services you use to initiate consumer, business, or brokerage monetary transactions.




Your Responsibilities


You are responsible for protecting your password and account information by: Not disclosing your personal account information to others (including your ATM PIN, online username, and password) 



Think about it.  43 Million in 12 months. Voluntarily



Let's put that in perspective.  How long did it take McDonald's to serve 43  Million Hamburgers at 15 cents each?   It took them years and years. 



43 Million in 12 months means that (as predicted)...it's getting a lot worse before it's getting better...in fact...it's getting downright crazy!



Up to 43 million people could have given their bank details to cyber criminals after being duped by fake anti-virus software online, a web security firm has found.




Figures published by Symantec suggest: 93 percent of the people scammed downloaded the rogue programs "by choice" after being tricked into believing it was legitimate.



Editor's Note: So much for the idea of "educating" customers about the dangers of phishing. I never really thought that was a good "master plan" anyway.


The better "master plan" would be the elimination of typing username/passwords into a box at an online banking website. Then phishers have nothing to phish phor. Otherwise...online banking fraud will double...I suppose instead of giving away a HomeATM SLIM they could ask their online banking customers if they "Would Like Phries" with their Philet-O-Phish...




Click Here for the PDF Version of the Symantec Report




From Symantec: Web users fall prey to the scam when they click on links, pop-ups or flashing adverts warning them their computer is infected. The fake program then appears to run a virus check which tells the user their PC is infected and asks them to pay for it to be cleaned up.



But downloading the software can give criminals access to bank details and computer files. Symantec found 250 rogue programs were downloaded 43 million times in the 12 months to July 2009.



The company's analysts believe a small number of people run networks of more than 1,000 distributors — whose earnings are linked to the number of machines they infect.



The distributors, most of whom are in the United States, may not even realize they are acting illegally. "It is a challenge to (ph)fight this," Orla Cox, Symantec's security operations manager told Sky News Online.






Continue Reading at Fox News











Reblog this post [with Zemanta]

Posted by John B. Frank Wednesday, October 21, 2009

0 comments

Payments Industry News Blog

Search the PIN Debit Blog by Subject

Kapersky Calls for Mass Adoption of Card Readers

Kapersky Calls for Mass Adoption of Card Readers