Phishing hits one in four Asian banks

By Vivian Yeo, ZDNet Asia
Friday, June 27, 2008 03:31 PM

Banks in the region are realizing the importance of online transaction security but not many have taken steps to address this, according to a new study.

ReadiMinds, which released the survey results, said in a statement Thursday that over 25 percent of banks in Asia have been targets of phishing attempts in the past year. Headquartered in Singapore, ReadiMinds provides security software targeted at financial institutions.

Conducted this month, the survey covered banking institutions in Bangladesh, Cambodia Hong Kong, Indonesia, Malaysia, the Philippines, Singapore, Sri Lanka, Taiwan, Thailand and Vietnam. ReadiMinds did not disclose to ZDNet Asia the number of respondents.

Some 20 percent of banks in the region have implemented stronger online security--in the form of two-factor authentication (2FA)--and the trend is growing, said ReadiMinds. Software-based 2FA is becoming the preferred mode of second-factor authentication, over hardware tokens.

In addition, only 20 percent of financial institutions surveyed had a formal plan to heighten customer awareness against online fraud and identity theft.

Adopting a risk-based approach
A ReadiMinds spokesperson told ZDNet Asia in an e-mail Thursday that most banks have currently not adopted a risk-based approach toward online transactional security. For example, the systems do not factor in the country from which the customer is making a transaction, or the transaction amount.

"They (the systems) follow the same process irrespective of whether you are undertaking the banking transaction from Singapore or Nigeria, or whether you are transferring $200 or $1,000," the spokesperson said.

Applying risk-based transaction authorization, fraud detection and strong user authentication are key to a holistic approach to transaction security, said ReadiMinds.

According to the survey, over 30 percent of banks that have recently implemented stronger online security had adopted a risk-based approach.


WORTHWHILE?

2

2 votes
Blog

Talkback 1 comments

Data theft, breach, online security
There is something that is helping a lot of people, judging by the business blogs I've been reading. It's a defined eCulture called 'The Business-Technology Weave' - it helps to influence employee behavior and morale. The book I.T. Wars: Managing the Business-Technology Weave in the New Millennium is the leading voice, and concentrates on the solution--it helps to influence employee behaviour as regards security, use and integrity of data--as well as protection of hard assets (such as laptops). The book I.T. Wars is the leading voice, and concentrates on the solution – a proactive treatment and training of people, and reinforcements to their corresponding security awareness. I'd love to see a feature that includes this author's viewpoints - this is relevant: www.businessforum.com/DScott_02.html . Some good stuff here too: www.david-scott.net . We use his book at work - stupid mistakes like deleted and misplaced data have dropped tremendously. Our CEO even requires our vendors to read it.
Posted by John Franks on Friday, June 27 2008 09:12 PM


Tech Jobs Now!

Search for your ideal tech job:

Common ways IT wastes money on development

Web Development

Examples include using developers as support staff and failing to calculate a project's ROI before giving it the go-ahead.


Read more »



  • Enterprise 2.0

    Vince Casarez, vice president of product management at Oracle, explains how Web 2.0 technologies, such as tags, wikis, and mash-ups, can be applied within an organization.
    Play video


  • Nehalem Architecture

    What makes next-generation Intel® Microarchitecture (Nehalem) such a superior successor?
    Play video

 
On demand CRM goes strategic
CRM technology has come of age, and is now able to align with your customer strategy and grow in step with your business.

» Learn more about Oracle’s CRM Solutions



Free the untapped potential of your IT infrastructure
Reduce bottlenecks to drive the efficiency and productivity of Business IT.
» Ultimate virtualization blade
» Scalable SAN solution
» Accelerate service delivery

Could this be the most critical budget for India?

Blog thumbnail

For business journalists in India, budget time is excitement time. It's like sports journos covering the Olympics. As a newspaper correspondent, I too had my fill of budget-time excitement. But..... by Swati Prasad

Read more »

Tags

  1. attack
  2. bank
  3. blog
  4. data security
  5. e - mail
  6. hacking
  7. internet
  8. malware
  9. microsoft corp.
  10. network
  11. network security
  12. pc security
  13. researcher
  14. security
  15. security management
  16. software
  17. spam and phishing
  18. u.s.
  19. viruses and worms
  20. web