Tuesday, December 14, 2004

FDIC seeks an end to account-hijacking identity theft

An FDIC study provides suggestions to financial institutions for reducing the prevalence and effectiveness of "phishing."

"Fraudsters are taking advantage of the reliance on single-factor authentication for remote access to online banking, and the lack of e-mail and Web site authentication, to perpetrate account hijacking. Financial institutions and government should consider a number of steps to reduce online fraud, including:
1. Upgrading existing password-based single-factor customer authentication systems to two-factor authentication.
2. Using scanning software to proactively identify and defend against phishing attacks. The further development and use of fraud detection software to identify account hijacking, similar to existing software that detects credit card fraud, could also help to reduce account hijacking.
3. Strengthening educational programs to help consumers avoid online scams, such as phishing, that can lead to account hijacking and other forms of identity theft and take appropriate action to limit their liability.
4. Placing a continuing emphasis on information sharing among the financial services industry, government, and technology providers."



Post a Comment