Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

3/23/2010
03:43 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Credit Union Offers Mobile Banking Security Tips

Mobile banking is essentially safe, but fraud is on the rise, so consumers need to be aware

San Jose, CA (March 23, 2010) - The widespread use of mobile banking means more convenience for consumers and offers better ways to monitor account activity. Unfortunately, it also means there are more opportunities for consumer fraud, says Technology Credit Union, a Silicon Valley credit union that has served the financial needs of high tech professionals for 50 years and is an industry leader in online and mobile banking technology.

Credit unions and banks across the country employ multiple forms of identification authentication, log-in procedures and encrypted communications to make sure cyber criminals can't access confidential banking information while consumers are using a mobile banking application. However, the biggest threat to mobile security isn't the technology; it's the fact that many consumers are ignorant of the many fraudulent applications that exist online and on mobile platforms.

"Fraudsters know that the key to their success lies in the consumer," said Victor Smilgys, Tech CU's AVP of eCommerce and a mobile banking security expert, "so they are being very crafty in their approach to making the consumer believe an app is harmless and, in some cases, disguising it as a security safeguard. Better education is the key to minimizing these risks."

Though no specific data exists on the prevalence of mobile banking fraud, The Internet Crime Complaint Center (IC3), a partnership between the FBI and the National White Collar Crime Center (NW3C), says that cyber-crime complaints in general have increased significantly over the past year. The IC3 has received 22.3 percent more complaints in 2009 than in 2008 for a total loss of $559.7 million (up from $265 million in 2008) all linked to online fraud.

Consumers can significantly minimize the risk of fraud and help protect their identity while using mobile banking services by following these common-sense tips offered by Technology Credit Union.

TECH CU'S CONSUMER TIPS FOR MOBILE BANKING SECURITY

-Password-protect your mobile device and lock your device when it's not in use. Keep your mobile device in a safe location.

-Frequently delete text messages from your financial institution on your mobile device, especially if they contain sensitive information.

-Never disclose personal information about your accounts via a text message, i.e. account numbers, passwords, or any combination of information that can be used to steal your identity.

-If you change your mobile number or lose your mobile phone, immediately contact your financial institution to change the details of your mobile banking profile.

-Do not hack or modify your device, as this will leave it susceptible to infection from a virus or Trojan.

-When possible, install mobile security software on your device (if it's available). Some mobile security solutions include: AhnLab Mobile Security, avast! PDA Edition, Kaspersky Mobile Security, and Norton Smartphone Security.

-Be aware that malware exists and fraudulent applications will continue to pop up. Don't download applications onto your phone without checking them out first. Verify the legitimacy of an application with your financial institution before downloading it to your smartphone - verify that the app publisher or seller is your financial institution, or if possible, go through your financial institution's web site to download the application.

-Report any banking application that appears to be malicious to your financial institution right away.

-Monitor your financial records and accounts on a regular basis and consider having electronic alerts on account activity sent to your email or mobile device. Regularly review your statements with online banking. This will enable you to spot any suspicious activity

If you have been a victim of identity theft, contact your financial institution immediately. You should also place a fraud alert on your credit report and continue to review your credit reports, close the accounts that you know (or believe) have been tampered with or opened fraudulently, and file a complaint with the Federal Trade Commission (FTC). Go to www.ftccomplaintassistant.gov for more information.

Finally, Smilgys points out that using mobile banking can actually help deter some fraud because it gives a person an easy way to check their account on a regular basis and notify their credit union or bank more quickly if they see suspicious activity.

ABOUT TECHNOLOGY CREDIT UNION Technology Credit Union is a full-service financial institution serving and high tech professionals and their families who work, live or study in Santa Clara, Alameda, Contra Costa, Santa Cruz, San Mateo and San Francisco counties. First established in 1960, Tech CU is now among the top 1 percent of the nation's largest credit unions. It is recognized as one of the best managed and strongest financial institutions in the country, as indicated by Tech CU's 5-star rating from Bauer Financial, the nation's largest independent rating service for banks and credit unions. With more than 77,000 members, over $1.3 billion in assets and 10 full-service branches around the Bay Area, Tech CU is a leader in the credit union industry. For more information, visit www.TechCU.com.

CONTACT INFORMATION: Tawnya Lancaster Public Relations Phone: 408-205-1618 [email protected]

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27132
PUBLISHED: 2021-02-27
SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header.
CVE-2021-25284
PUBLISHED: 2021-02-27
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
CVE-2021-3144
PUBLISHED: 2021-02-27
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
CVE-2021-3148
PUBLISHED: 2021-02-27
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
CVE-2021-3151
PUBLISHED: 2021-02-27
i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__M...