CA NeWs Beta*: Cyber fraudsters now target two-factor bank authentication

Search This Site

Sunday, September 1, 2013

Cyber fraudsters now target two-factor bank authentication

Internet security solutions firm McAfee has asked customers to use only the official App (application) offered by their respective banks when they carry out financial transactions online.
The company, in its threat report for the second quarter, found that cyber fraudsters are attempting to bypass the two-factor authentication set by these banks.
“Once the attacker has stolen a username and password from a victim’s PC, the thief needs only to get the user to install SMS-forwarding malware,” the company said.
When they don’t, they will be duped.
“While the victims think they have the original app installed, the attacker logs in to the users’ accounts to get the latest SMS from the bank,” it said. Banks in Europe and Asia require two-factor authentications via SMS messages. When customers log in to their bank accounts online, they are sent a mobile transaction authentication number (mTAN) as a text message.
They must then enter the mTAN code to get access to their accounts.
This step prevents an attacker, who steals only the username and password, from making off with the victim’s money.
The total number of suspect URLs tallied by McAfee Labs crossed 74.7 million by the end of June. This represents a 16 per cent increase over the first quarter. These URLs refer to 29 million domain names, up by 5 per cent from the previous period.

No comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...
For mobile version of this site click here


News Archive

Recommended Post Slide Out For Blogger