- #APPLE CD DRIVE ON WINDOWS MACHINE SOFTWARE#
- #APPLE CD DRIVE ON WINDOWS MACHINE CODE#
- #APPLE CD DRIVE ON WINDOWS MACHINE PC#
- #APPLE CD DRIVE ON WINDOWS MACHINE SERIES#
#APPLE CD DRIVE ON WINDOWS MACHINE CODE#
whose bank also required customers to enter a code from a security token. Thieves used the same approach to steal $447,000 from Ferma Corp., a demolition firm in Santa Maria, Calif.
#APPLE CD DRIVE ON WINDOWS MACHINE SERIES#
Indeed, Johnston said the company's computer logs show that the controller logged into the system while the series of thefts was already in progress.
#APPLE CD DRIVE ON WINDOWS MACHINE PC#
But the thieves - armed with malware on the company controller's PC - were able to intercept one of those codes when the controller tried to log in, and then delay the controller from logging in. Johnston's bank requires customers to enter the code from a Vasco security token.
based Sign Designs, lost nearly $100,000 on July 23 due to Windows-based malware. Over the past two months, I wrote about the plight of two companies that were victims of online bank fraud despite the fact that their banks required the use of these security tokens.ĭavid Johnston, owner of Modesto, Calif.
#APPLE CD DRIVE ON WINDOWS MACHINE SOFTWARE#
Malicious software also is helping thieves defeat so-called two-factor authentication, which generally involves requiring online banking customers to enter something they have in addition to their user name and password, such as the code generated by a key fob that creates a new, six-digit number that changes every 30 seconds. In the case of Bullitt County and at least three other victims I've interviewed in the past three months, the attackers used their malicious software to route their connection to the bank's Web site by tunneling through the victim's own Internet address and computer. In that attack, thieves used malware planted on the treasurer's system to effectively add themselves as an authorized approver of transactions.īanks also often keep track of the Internet addresses used by their customers, and erect additional security measures when those customers access their online accounts via unfamiliar addresses or computers. Many banks offer customers the option for so-called "dual controls" - requiring at least two authorized employees to sign off on any money transfers. illustrated how thieves use malware to defeat two of the major lines of defense commonly used by banks to thwart unauthorized activity. The now-infamous hack against Bullitt County, Ky. Also, the Windows-based malware employed in each of these recent online attacks against businesses was so sophisticated that it made it extremely difficult for banks to tell the difference between a transaction initiated by their customers and a transfer set in motion by hackers who had hijacked that customer's PC. Why is the operating system important? Virtually all of the data-stealing malware in circulation today is built to attack Windows systems, and will simply fail to run on non-Windows computers. I have heard stories worthy of a screenplay about the myriad ways cyber crooks are evading nearly every security obstacle the banks put in their way.īut regardless of the methods used by the bank or the crooks, all of the attacks shared a single, undeniable common denominator: They succeeded because the bad guys were able to plant malicious software that gave them complete control over the victim's Windows computer.
But I have interviewed dozens of victim companies that lost anywhere from $10,000 to $500,000 dollars because of a single malware infection. I do not offer this recommendation lightly (and at the end of this column you'll find a link to another column wherein I explain an easy-to-use alternative). The simplest, most cost-effective answer I know of? Don't use Microsoft Windows when accessing your bank account online.
An investigative series I've been writing about organized cyber crime gangs stealing millions of dollars from small to mid-sized businesses has generated more than a few responses from business owners who were concerned about how best to protect themselves from this type of fraud.
0 kommentar(er)
