Credit Card Thefts Likely to Increase in Near Future, Warn IT Security Experts |
|
Network this!
Dubai - The incidents like the recent credit card scam that had sent shock waves among millions of bank customers in the region are likely to be on the ascend in the near future, warn the IT experts Tarek Kuzban and Costin Raiv.
Tarek Kuzbani is the Managing Director (Middle East) of Kaspersky LabKaspersky Lab
which is a Russian IT major while the firm's chief security expert Costin Raiv. The firm has just released Arabic edition of new anti-virus and Internet security products in the Middle East.
"We believe what we have witnessed recently is probably just the tip of the iceberg. According to our global information, the credit card fraud is on the increase following the general trend of growth that we have seen for cyber crime during the past 4 years. Its impact will be especially devastating in countries where the general security awareness is not high," Tarek Kuzban and Costin Raiv told Khaleej Times at the region's mega IT show, Gitex.
"Our global experiences with similar incidents indicate that all the frauds of major proportions seem to be caused by an attack directed at the bank, and not any customer in particular. During attacks that happened in other countries, the cybercriminals got access to the bank's systems and managed to copy a portion of their cards database, which they later sold in the black market," they disclosed.
According to them, both the banks and the customers are relatively unprepared for this type of attacks. Customers can easily deflect such attacks through the use of personal security software (such as Kaspersky Internet Security 2009). Banks on the other side need to ensure that the systems connected to the Internet don't have direct access to the bank's private financial information, security software such as Intrusion Prevention Systems (IPS) and good patch management. Especially the last point (patch management), since this was used as an entry vector in some of the recent attacks against banking institutions.
Customers must be very careful while they use their cards on the Internet and in handling access information for online banking systems. Most of the recent Trojans are designed to include components which constantly monitor the Internet activity, scanning for things such as credit card numbers, logins and passwords, which are sent in real time to the attackers. It is also important to have a good security suite installed on their computers at work and home, as well as having the latest patches not just for Windows but for all the software installed in the system.
All banks must re-evaluate the threat of cybercrime and take the necessary steps, such as deploying stronger encryption systems for online banking, in order to avoid an even bigger growth in the number of incidents. According to them the banks are generally well versed into handling card fraud, even that of high proportions.
"We believe that in general, the level of information put forward by the bank to its customers that have become victims of the attack is a bit low. On long term, I believe this is probably going to hurt the bank's business because customers begin to lose trust in the bank, especially if such incidents will recur." "For example, when the first phishing attacks started to appear in other countries, the banks were simply ignoring them and just refunding the customers in an attempt to avoid bad publicity. After the problem became bigger, the banks have started warning the customers about it which resulted in less phishing attacks as customers became security aware, without any bad publicity for the bank."
© Khaleej Times 2008
Comment on this article 
Loading ...-
Zawya encourages you to add a comment to this discussion. You agree that when you add content to this discussion your comments will not:
1.1 Contain any material which is libelous or defamatory of any person, is obscene, offensive, hateful or inflammatory or causes damage to the reputation of any person or organisation.
1.2 Promote sexually explicit material, violence, discrimination based on race, sex, religion, nationality, disability, sexual orientation or age or any illegal activity.
1.3 Be made in breach of any legal duty owed to a third party, such as a contractual duty or a duty of confidence.
1.4 Be threatening, abuse or invade another's privacy, or cause annoyance, inconvenience or needless anxiety.
1.5 Be used to impersonate any person, to misrepresent your identity or affiliation with any person, or be likely to deceive any person.
1.6 Give the impression that they represent Zawya.
1.7 Advocate, promote or assist any unlawful act such as (by way of example only) copyright infringement or computer misuse. - The content posted on www.zawya.com is created by members of the public. The views expressed are theirs and unless specifically stated are not those of Zawya. Zawya reserves the right to review all comments prior to posting and edit or delete any contribution, but Zawya is not responsible for and can not be held liable for any content posted by members of the public on www.zawya.com.
- Zawya is not responsible for the availability or content of any third party sites that are accessible through www.zawya.com. Any links to third party websites from www.zawya.com do not amount to any endorsement of that site by Zawya and any use of that site by you is at your own risk.
- By submitting your comment, you hereby give Zawya the right, but not the obligation, to post, air, edit, exhibit, telecast, webcast, re-use, publish, reproduce, use, license, print, distribute or otherwise use your comments worldwide, in perpetuity.
Loading ...
from issuers in both public and private sectors. It is not an e-tendering service and is entirely FREE.
As an Issuer, you can benefit from posting an unlimited number of Tender
Notices for FREE and reaching out to an online community of bidders.
The service also offers you a tool to track the interest of bidders to your
tenders 'live' online.
| Information Technology Tenders | Due Date |
Stories
Companies
| Company Name | Country | Industry |
| Saudi Binladin Group | Saudi Arabia | Construction and Design |
| Consolidated Contractors Company | Overseas | Construction and Design |
| Saudi Telecom | Saudi Arabia | Telecommunications Services |
| Saudi Electricity Company | Saudi Arabia | Electric Utilities |
| Investment Corporation of Dubai | UAE | Investment Firms and Funds |
| Al Rajhi Bank | Saudi Arabia | Banking |
| Emirates Airline | UAE | Transportation Services |
| Alokozay Group of Companies | UAE | Multi-line |
| Damas Jewellery | UAE | Specialized Retailers |
| Dodsal Engineering and Construction | UAE | Construction and Design |
Projects
| Project Name | Country | Sector |
| Takreer - Ruwais Refinery Expansion | UAE | Oil and Gas |
| ENEC - Nuclear Power Plant | UAE | Power and Water |
| Emirates Aluminium (EMAL) - Smelter Complex - Phase 1 | UAE | Industry |
| SATORP - Jubail Refinery and Petrochemical Complex | Saudi Arabia | Oil and Gas |
| Dubai RTA - Dubai Metro | UAE | Infrastructure |
| ADNOC/ConocoPhillips - Sour Gas Fields Development - Shah Field | UAE | Oil and Gas |
| Qatar Foundation - Sidra Medical and Research Center | Qatar | Real Estate |
| SATORP- Jubail Refinery and Petrochemical Complex - Conversion Unit and Sulphur Package (Part 2) | Saudi Arabia | Oil and Gas |
| Abu Dhabi DOT - Abu Dhabi Metro | UAE | Infrastructure |
| Takreer - Ruwais Refinery Expansion - Offsites and Utilities Package | UAE | Oil and Gas |