Citibank pledges to stay ahead of cyber criminals
RAVI BHASIN
Citibank pledges
to stay ahead of cyber criminals
By- The Standard
Wednesday, January 31, 2007
Anti-fraud task forces will keep pace with the changing
methods of cyber criminals despite a rising global trend of identity theft and
commercial fraud at Citibank.
Combining a technologically savvy approach with psychology, they try to make dubious personal information gathering as plausible as possible to trick customers.
Identity theft involves compiling personal particulars of victims with the intention of using them to obtain access to their assets. Information such as bank-account numbers, addresses, dates of birth and identity-card numbers are all readily found in regular household garbage, prompting experts to recommend that people destroy important documents before disposal. Sensitive data such as personal identity numbers or signatures are more difficult to steal, yet criminals employ a wide array of tactics to gain such information.
Other gathering methods include fake surveys and questionnaires, but the most prevalent tactic is phishing online, which uses tricks to lure victims into divulging their personal information. Internet-borne viruses such as spyware and trojan horses have jumped by 250 percent.
According to the US Federal Trade Commission, about 10 million Americans are affected by identity fraud annually, involving losses of US$50 billion (HK$390 billion).
Over the past two months, the Hong Kong Monetary Authority has found four fraudulent Web sites purporting to be the sites of banks. The sites prompted unsuspecting users into divulging personal information such as Internet banking user names and passwords, account numbers and other sensitive data.
A closely duplicated Web site was found posing as the bona fide Citibank site which asked users to provide a wealth of personal information.
Citibank and several other international banks use advanced computer programs and algorithms to track their global transactions. Upon discovering irregular spending or transaction patterns, the banks contact the account holder directly. Citibank has such a service, termed Banking Advanced Fault Early Warning System, with operations and operators working around the clock, seven days a week.
Con artists posing as legitimate parties also try cold calling, requesting personal information. More tech-savvy scammers employ tone recorders that can deduce the digit input based on the sound recorded over the phone.
As a general practice, no bank will ask you to provide your PIN orally. However, some reputable institutions do utilize touch-tone inputs which can also be utilized by criminals.
The highest level of bank fraud involves outfitting automated teller machines with concealed add-ons that can fit over card readers and overhead. The add-ons are used to acquire images of the keypad to record PINs.
Tips to protect personal information include shredding important documents, not using birthdays as PIN numbers, hiding the keypad when inputting, not performing banking on public computers, not answering unsolicited mail and checking Web addresses.
http://www.thestandard.com.hk/news_detail.asp?pp_cat=11&art_id=37234&sid=11976247&con_type=1
Hemant
deserves to be complimented for the steps initiated by them to prevent
frauds on the internet and for their determination to be ahead of the
criminals in this behalf. Banks in India should emulate the strategy
adopted by Citibank. Prevention is better than cure. There should be
ongoing research as to the vulnerabilities in the systems which may
encourage criminals. All concerned should be alerted timely.
Hemant.
On Feb 1, 7:16 pm, "RAVI BHASIN" <ravi.bha...@gmail.com> wrote:
> Citibank pledges to stay ahead of cyber criminals
>
> By- The Standard
>
> *Wednesday, January 31, 2007*
> http://www.thestandard.com.hk/news_detail.asp?pp_cat=11&art_id=37234&...