Wave Systems Corp. (fka WAVXQ)

[orda]

FDIC Urges Banks to Guard Against Spyware
By Reuters
July 25, 2005
http://www.eweek.com/article2/0,1895,1840413,00.asp


NEW YORK (Reuters)—The FDIC on Friday urged banks to enhance their protections against spyware, to limit the risk that customers' personal data may be stolen.

The guidance from the Federal Deposit Insurance Corp. comes amid a growing stream of reported incidents of the theft or exposure of personal customer data.


Spyware is a kind of software installed on a computer without the user's knowledge, often through a virus or when a user downloads a free program.

It is designed to let a hacker eavesdrop, collect personal or confidential information and perhaps track and record a user's activities. Some spyware can obtain such information as passwords or card numbers. It also often buries users under a blizzard of unwanted ads.


In the biggest reported security breach, details on some 40 million Visa, MasterCard, American Express and Discover credit cards were exposed to potential fraud through a breach at CardSystems Solutions Inc., a Tucson, Arizona, processor.

Data on hundreds of thousands of customer accounts at such banks as Bank of America Corp. and Wachovia Corp. may also have been exposed in other incidents.

"Information collected through spyware can be used to compromise a bank's systems or conduct identity theft," said Michael Zamorski, director of the FDIC division of supervision and consumer protection.

"It is critical that banks stay vigilant about the risks involved with this malicious software."

The FDIC said banks should educate customers about the risks of spyware and encourage them to take steps to prevent and detect spyware on their own computers.

Banks should also advise customers of the risks of banking online on public computers—such as in hotels, libraries or Internet cafes—where spyware might have been installed.

The agency said banks should also enhance internal security and Internet-use policies, such as by prohibiting Internet downloads and visits to inappropriate Web sites, and train employees about the risks of spyware. It also said banks should consider adopting new authentication methods to thwart hackers who might already have customer account numbers and passwords.

David Cole, director of product management at Symantec Corp.'s security response unit, said data stolen through spyware is often sold on the black market.

"Its value is dependent on its completeness and quality," he said. "We've seen increasing sophistication across the board." Cupertino, California-based Symantec is the No. 1 maker of software that protects against Internet viruses.

Earlier this month, a Pew Internet and American Life Project survey said nine out of 10 Internet users claimed to have changed their online habits to avoid spyware and other Web-based threats. Two in three said spyware had caused slower computer performance or other problems.

Copyright Reuters 2005. All rights reserved. Users may download and print extracts of content from this website for their own personal and non-commercial use only. Republication or redistribution of Reuters content, including by framing or similar means, is expressly prohibited without the prior written consent of Reuters. Reuters and the Reuters sphere logo are registered trademarks or trademarks of the Reuters group of companies around the world.