Add to the equation that, this morning, Trusteer, released their findings of a recent study which claimed that 73% of online banking customers reuse their banking credentials to sign into other sites, such as Facebook, Twitter, etc. (See an excerpt from my post on that story below) It seems fairly obvious that hackers have tremendously fertile fields to harvest. Solution? We need to stop typing and start swiping.
The fact that banks tell us to "TYPE" our online banking usernames and passwords into boxes in the first place leaves questions about their intelligence. Because intelligence I've gathered says that banking malware programs, phishing, keystroke logging and myriad other threats all point to the fact that "Typing is the cause of the problem."
Thus...if 73% of online banking customers are "stupid" maybe it's because banks are not the brightest teachers. After all...every online bank touts the security of its online platform... just prior to asking you to "type" your username and password into a box on a website protected by httbs:// security. So I don't blame the consumers, I blame the banks. Remember, just a week ago, 80% of consumers were smart...according to a recent RBS study...
Read more: http://pindebit.blogspot.com/2010/02/trusteer-says-73-of-online-banking.html#ixzz0eOT2doh4
Here's an excerpt from the ZDNet story...
The recently released APWG Phishing Activity Trends Report for Q3 of 2009, details record highs in multiple phishing vectors, but also offers an interesting observation on desktop crimeware infections.
According to the report, the overall number of infected computers (page 10) used in the sample decreased compared to previous quarters, however, 48.35% of the 22,754,847 scanned computers remain infected with malware.
More details:
"Though the scanning system checks for many different kinds of potentially unwanted software, for this report, Panda Labs has segmented out ‘Downloaders’ and ‘Banking Trojans/Password Stealers’ as they are most often associated with financial crimes such as automated phishing schemes.