ABN Amro problem predictable

 "The bank says that its customers opened an email attachment that resulted in a virus being executed on their machines. This virus changed their browsers' behaviour so when they went to open the real ABN Amro online banking site, they were instead re-directed to a spoof site.

 

 

The customers then typed in their passwords, which the attacker in turn used to access the bank's real Web site.

The customer's own transactions were passed along to the real site, so they didn't notice anything wrong right away, while the attacker simultaneously made their own fraudelent transactions using the bank's urgent payment feature."

 

One thing that 100% of security experts will tell us, is that there is no universal solution.  Security requires a layered approach of a security portfolio comprising multiple solutions.  Tokens have been held out as "the" solution, and this simply not true.

 

 

 

 

Comments

Please alway use the SECURE site
https://www.abnamro.nl/nl/index.html

all the best

 And that is the problem.

 

How do the users know to use the https link. The bank is satisfied if the succeeded attemps of skimming/phishing is 1% but still that 1% is a large amount of money.

And as a bank I think its not acceptable that their website is able to go "offline" they should have a back-up for this.

 

A very good idea, but if I were the webmaster of abnamro. I would make the site automaticly https. Bank information is very very important.

Published by:

CWZ's picture

Name
Reza Rafati

Information
I am the founder of Cyberwarzone.com and I focus on sharing and collecting relevant cyberconflict news., The goal of Cyberwarzone is to provide the world a portal with global cyberwar information. The effort in getting this cyberwarfare information is hard. But as the internet is growing we need to get an global cyberwar & cybercrime monitoring system., By the people and for the people. We will be gathering information about Cybercrime, Cyberwarfare and hacking. LinkedIn: http://www.linkedin.com/pub/reza-rafati-%E2%99%82/1a/98b/197

Country
The Netherlands

My website
Cyberwarzone.com

Twitter:
http://twitter.com/#!/cyberwarzonecom