Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
FBI warns small bizzes about banking Trojans
WASHINGTON (1/12/10)--So many small businesses are being targeted by cybercriminals that the Federal Bureau of Investigation (FBI) and banking organizations have issued warnings advising small businesses to dedicate a separate computer for online banking. Credit unions setting up online banking for their member business lending should note that FBI does not consider online banking safe if the business's computer used for the online banking tasks also performs e-mail and Web browsing tasks. According to the USA Today (Dec. 30), cybergangs have flooded the Internet with "banking Trojans," malicious software programs that enable criminals to sneak into the victim's PC and manipulate online accounts. The Trojans use two older banking technologies: Automated Clearing House (ACH) transfers and wire transfers to rob small firms, local governments, school districts, churches and non-profits. The victims are mostly small to mid-sized organizations using online banking accounts supplied by local credit unions and community banks. The robberies have increased so much that the FBI, the Federal Deposit Insurance Corp. (FDIC) and the Federal Reserve have all issued alerts in the past two months, said the newspaper. The FBI, which usually stays mum about what it's probing, said it has investigated more than 200 cases mostly in 2008 and 2009 where cybercriminals made fraudulent transactions of about $100 million and succeeded in stealing $40 million. Avivah Litan, banking security analyst at Gartner, a technology consulting firm, told USA Today that the firm advises anyone running small businesses to switch from commercial online accounts to individual consumer account. Consumer protection laws require banks to fully reimburse individual account holders who report fraud quickly. However, banks are invoking the Uniform Commerical Code when dealing with business account holders experiencing stolen accounts. Banks maintain the code absolves them of liability when an agreed-upon security procedure is in place and a theft is traced to a compromised PC controlled by the small business. Litan said it is not realistic for the banks to promote Internet banking as safe based on their expectation that account holders will continually secure their PCs against intrusions. Banks and others should "at least put a large disclaimer on their home Web pages advising customers that they bank online at their own risk."
Other Resources

RSS print
News Now LiveWire
Today's #NewsNow preview of @CUNA board chair Dennis Pierce's testimony before @SenateBanking http://t.co/XgQ81Fn7wR
49 minutes ago
Fazio: @TheNCUA supports Privacy Notice Modernization Act, which allows FIs to send privacy policy notifications only when policy is changed
54 minutes ago
Fazio: Hard to give timeline for when NCUA risk-based capital rule will be finalized...I can say it's the agency's top reg. priority
57 minutes ago
(2of2) NCUA is aware of importance of scaling regulatory, supervisory and assistance prgrms to address unique circumstances of small CUs.
1 hours ago
.@TheNCUA's Larry Fazio: W/ 1/3 of CUs having less than $10M in assets and 2/3 of CUs having less than $50M in assets...(1of2)
1 hours ago