The severity of the 20 years prison sentence handed down to convicted TJX hacker Albert Gonzalez for running his own multi-million-dollar card hacking scam sends a very positive message that crime – and cybercrime in particularly – really does not pay in the long run, says IT security firm Trusteer.
And, says Mickey Boodaei, the firm’s CEO, the case rams home the message that bank card and account owners need to protect their cards and online assets if they are to avoid waking up to the horror of finding no money in their bank accounts.
"As the truth slowly emerges, however, it should now be apparent to the man and woman on the street that banking cybercrime – which is actually just another type of money fraud – is a very real threat to you, me and almost any bank or payment card user," said Boodaei, whose firm Trusteer, provide browser security and fraud prevention services that protect the customers of many UK banks.
But, the Trusteer CEO went on to say, threats can be mitigated by effective IT security technology and this is exactly what banks and allied financial institutions the world over are doing behind the scenes, to protect their customers’ money.
But the widespread nature of electronic crime – with criminals being lured by the big money they can generate from their frauds – is such that implementing the security is now a team effort between the banks and their customers.
Banks require the right tools and processes to investigate incidents and provide law enforcement official with accurate information which could lead to arrests and Trusteer recently launched “Flashlight” a remote fraud investigation and mitigation service identifies the attack source on a customer’s machine, gathers samples, and can reverse engineer the mechanism used by the malware to commit fraud. Findings enable banks and other organizations to prevent future losses, block subsequent attacks, and takedown command/control servers and provide forensic evidence required for arrest and prosecution.
You wouldn’t, he explained, walk into a coffee bar or pub, order a drink and leave your wallet on the table, and it’s exactly the same with electronic assets in the shape of online banking credentials.
Trusteer, Boodaei says, is doing its bit by supplying banks such as HSBC, RBS/Natwest and the Santander Group, with its Rapport browser plug-in security software, which helps to stop sophisticated e-banking frauds such as man-in-the-middle and password-sniffing attacks.
"The TJX/Gonzalez case shows that organisations such as the FBI are doing their bit as well, but criminals would always look for the weakest link in the chain to steal customers’ money. Right now the weakest link is the customer’s computer which can be targeted by sophisticated malware and phishing attacks. To protect against this customers should install the best possible IT security software and systems on their computers, before going online to their e-banking services," he said.
"Internet users need to sit up and take notice of cases like this one. There are much smaller frauds going on all the time, each of which can result in your bank account being hit for six. E-banking customers need to use all the security technology they can muster to avoid their own accounts being drained," he added.
For more on the TJX hacker sentencing: http://bit.ly/bH1yWO
