Friday, October 19, 2018   You are here:  Features   Search
  Industry News Minimize
  Online ‘Friends’ Can Undercut Bank Security
Online ‘Friends’ Can Undercut Bank Security

By John Jaser

The threat of cyber crime never truly goes away, particularly as banks increase their use of the Internet through social networking, browser tool bars and flash animations. This richer Web experience opens new possibilities for Internet crime, particularly as thieves shift their attacks from e-mail to the Web.

Recent stories in a variety of media have focused on the new generation of computer worms and viruses designed to turn our online “friends” against us. Because these exploits are embedded in social networking sites, they don’t attempt to infect via e-mail or website links. This often immunizes the exploits against antivirus and firewall software.
To combat these new threats, companies and financial technology services are installing advanced Web filtering capabilities along with other intrusion detection programs. These systems help prevent bank personnel from visiting criminal web sites and from inadvertently downloading crimeware, which can corrupt networks and steal private information.
One of the current risks is the koobface worm, which is spread through interactive social networking sites. The worm strikes while users are browsing Facebook, MySpace, Hi5 and other sites.
The danger comes from third party developers who add functionality to Facebook by contributing plug-in programs. In some cases, these plug-ins will accept user input without properly sanitizing the incoming data. As a result, malicious content can be injected onto the user’s Facebook page via the vulnerable plug-in.
The koobface worm uses this technique to direct the user’s browser to download a JavaScript file from a third party server. The JavaScript then redirects the browser to a malicious website.
This site mimics the appearance of Facebook and YouTube, and contains a fake Adobe Flash video with the error “This content requires Adobe Flash Player 10.37. Would you like to continue?” The user is then prompted to download a file called “setup.exe.” Once executed, this file attempts to infect the workstation and continue connecting with malicious servers for updates thereafter.
Web filtering and intrusion prevention systems are part of the multi-layered approach to security recommended for all users. To further protect your bank’s users, consider the following security countermeasures at your bank:
Ensure that all desktops and servers are running professional, up-to-date anti-malware and anti-spyware applications.
If you have a Web filter, consider blocking users from browsing sites in the social networking category via your Web filtering configuration. Many banks have blocked this category to improve productivity, since social networking sites are often considered a distraction. In light of the potential security risks presented by these sites, you might block this category completely. If necessary, you might grant specific client IP addresses access to these resources (such as the human resources and marketing staff).
Ensure that users do not have administrative rights on their PCs if not necessary. This can reduce an attack’s success.
Educate staff to be aware of suspicious URLs and websites. Many attacks rely on social engineering and user interaction. By training the user to be aware of suspicious addresses and behavior, you can reduce the likelihood that users will become victims of these scams.       

John Jaser manages Internet Services and Security at Avon, Conn.-based COCC, Inc., (, a 43-year-old firm specializing in outsourced information technology and support.

Posted on Monday, April 05, 2010 (Archive on Sunday, July 04, 2010)
Posted by Scott  Contributed by Scott


Current Rating:

Privacy Statement   Terms Of Use   Copyright 2013 The Warren Group    Login