IronKey Chairman Dave Jevans to Report on Greatest Security Risks to Banks at Payments Strategy Forum

November 1, 2011

SUNNYVALE, CA--(Nov 2, 2011) - Banks and their commercial clients face the persistent threat of online channel attacks from undetected crimeware on customers' desktops. According to Gartner, crimeware designed to takeover online banking accounts and steal money is now the most significant threat concerning U.S. banks.1

Financial services executives will be presented with "Strategies to Fight Online Account Takeover and Payments Fraud" when IronKey Chairman Dave Jevans and co-presenter, Kevin Thomsen, senior vice president, Citibank Strategies, address the topic at the Global Concepts 2011 Payments Operations & Strategy Forum, Wed., November 16th from 2:45 PM - 3:45 PM at the Four Seasons Hotel in Atlanta.

With 45 percent of U.S. PCs infected by crimeware, according to the latest Anti-Phishing Working Group (APWG) research, the risk of online banking crime, in which one wrong click can lead to financial disaster, has never been greater. Today's anti-malware software fails to detect these threats at least 75 percent of the time according to real-time research from SpyEye Tracker.2 As a result, online banking account takeovers grew more than 150 percent based on new research published by FS-ISAC (Financial Services Information Sharing and Analysis Center).

Jevans will share the latest information regarding these risks to the financial executive and online banking customers' desktops, and Thomsen will discuss Citi's strategy for fraud prevention.

Jevans will update financial executives on these developments:

  • An increase in spear-phishing, where individuals inside companies and government agencies are targeted by criminals who send individualized fake emails to their victims, often with crimeware payloads. These emails usually evade spam and anti-virus filters, and are very effective at infecting a user's computer.
  • How cybercriminals are using social media to social engineer spear-phishing attacks on CFOs, controllers and others in corporate finance roles. Criminals are taking their time, compiling as much information as they can through emails, social networking activity, chat records and even phone calls, before going after the big pay out.
  • An expectation for more targeted attacks to commercial accounts and high profile individuals like CEOs, CFOs and celebrities.
  • Smart phones will also likely become a target, working in conjunction with malware installed on computers. In short, threats will become more sophisticated, more complicated and harder to detect.

"It's important that banks understand how financial malware such as ZeuS and SpyEye work and how they can go undetected by anti-virus software, firewalls and other conventional countermeasures," said Jevans. "In light of the new FFIEC guidelines for online banking authentication that go into effect in January 2012, banks need to act now to better protect themselves and their clients from these potential threats at the customer's own PC."

About Global Concepts

Global Concepts' expertise is payment systems. Our experts have been at the forefront of this industry for over 30 years; from conventional check processing to emerging payment mechanisms, from cash vaults to inter-bank clearing and settlement. Global Concepts has developed a depth of knowledge far beyond those of general consulting firms while retaining neutrality unique among specialists.

About IronKey
Ranked as the 14th best venture-funded company in The Wall Street Journal's "Next Big Thing 2011" survey, IronKey secures data and online access with software and hardware solutions managed through cloud-based services. IronKey's award-winning Trusted Access Platform helps financial institutions reduce the risk of online fraud, achieve compliance with Federal Financial Institutions Examination Council (FFIEC) guidelines, and acquire new customers with a competitive advantage. Starting with secure browsing that keeps customers safe from crimeware attacks on their PCs, banks can add multiple layers of security to meet the needs of client risk and value. Visit www.IronKey.com for more information.

Resources
Video: Executives of The Coastal Bank and IronKey explain how financial institutions are preventing fraud and achieving a competitive advantage with IronKey Trusted Access.

"Protecting Online Banking Customers from Evolving Cyber Crime Threats" -- webcast explains the latest bank phishing attacks, the ZeuS Trojan and SpyEye, and why anti-virus software, firewalls and other conventional safeguards are not able to stop these attacks.

"Trusted Access Guided Demonstration" -- product demonstration and example attacks.
To stay current with the latest news and perspectives on bank phishing, ZeuS Trojan and Spyeye, also visit Dave Jevans' blog, 'Privacy and Identity Theft.'

(1) "The Five Layers of Fraud Prevention and Using Them to Beat Malware," Gartner, April 2011

(2) SpyEye Tracker, September 9, 2011, https://spyeyetracker.abuse.ch/