Virus Bulletin Conference: Security expert warns against online banking
Users should stop banking online, as it is too difficult to detect pharming and phishing attacks, a top security expert says.
David Perry, global director of education at Trend Micro, spoke out about his complete distrust of online banking at the Virus Bulletin Conference in Dublin yesterday.
‘I avoid banking online, you just cannot tell if you are experiencing a pharming attack,’ he said, ‘I would say to people “stop online banking”.’
Perry’s suggestion came as a reaction to a recent spate of European ‘pharming’ attacks targeting online banks, which is where hidden malware redirects users to spoof banking websites and collects confidential information, including usernames and passwords.
Although, banks have retaliated by introducing new security measures, like requests for a specific password from a long list, it seems that spoofers are finding holes in security systems just as fast.
‘The cybercrime we are seeing today is much more sophisticated,’ Perry added, ‘Malware has reduced our trust in the Internet and other communication technologies.’
However, Graham Cluley, senior technology consultant at Sophos, responded by saying that there is no reason why people should stop using e-banking.
‘I do feel safe when banking online,’ he said, ‘I think there is a lot more that banks can do, but we should not be so paranoid.’
The consultant said that if banks want to keep customers online they do need to address trust issues, by introducing tougher log-in security systems and reassuring customers. He said that engaging customers more fully with validation processes could help.
‘I would like online banking to give you the option to ask the bank a question’ he said, ‘A question that only we know the answer to – it wouldn’t be that difficult to implement.’
Earlier this year, a survey conducted by software firm Intervoice found that 17 per cent of people have already abandoned banking online because of fears of identity theft, which suggests that banks need to improve online reliability before others flock back to their local branch.