5:45 PM -- If you're like me, you know most of the tellers at your bank's drive-through by name. They are the familiar face behind the glass that smiles, gives my kids lollipops and the dog a biscuit when he rides shotgun, and thanks me when I make a deposit or withdrawl.
But with cybercriminals starting to work with bank insiders or "plants" to pilfer account information and launch a frenzy of transactions before the unsuspecting victim knows what hit him, Shirley the Teller at my bank could be my worst nightmare. Think about it: She knows personal information, like what flavors of lollipops my kids like, that my dog is a border collie/golden retriever mix named Jax, and oh, yeah -- she has access to my bank account information. (See CyberGangs and Thieves: An Unholy Alliance.)
We all know the dangers of online banking, but we don't usually worry about dropping that deposit into the drive-through's drawer. Okay, so maybe Shirley doesn't have ties to the Russian cybergang that's buying stolen credit card numbers in bulk. But what if one of her co-workers has gone to the dark side because he has an ax to grind with his boss, or is in a financial bind and needs a little extra cash on the side? Or what if that new hire at the bank is also working for an identity theft ring?
I know, I know. It sounds like a bad spy novel. But just as you can't take for granted that your credit card data is safe when you go Christmas shopping online, you can no longer assume your brick-and-mortar bank can't be infiltrated, too. Cybercriminals are reaching out to traditional criminals, bank robbers, and yes, even bank tellers, to cast a more efficient and targeted net on potentially valuable information: Yours.
Kelly Jackson Higgins, Senior Editor, Dark Reading