Detroit Debits
Bank of America Corp. customers in Detroit woke to a nasty surprise over the weekend — various news reports said customers there flooded into the bank's branches to
Although it was not immediately known how the breach occurred, a spokeswoman for the Charlotte, N.C., bank told American Banker Tuesday that the incident was not the result of a break-in at the bank.
"This involved a compromise at a third-party merchant," the spokeswoman said in an emailed statement.
The spokeswoman said that reports of branches in the Detroit area being overwhelmed by customers who said they believed their accounts had been compromised were exaggerated, and that this was an isolated incident. Further, the $100,000 figure "did not come from us, and any related losses were very minimal as a result of our ability to respond quickly and proactively to protect consumers from fraud," she said over the phone.
"Security for our customers is a top priority, and our objective is to protect our customers and the bank," she said by email. "As part of our routine fraud monitoring, if we believe a customer's card may have been compromised at a third-party merchant location, we will notify the customer and block and reissue the card. If fraud does occur on a customer's card, Bank of America customers are protected against fraudulent use of their cards through our free $0 liability guarantee."
Gas-Roots Effort
As pay-at-the-pump skimming crimes continue to rise, one California community has
Residents of Camarillo, Calif., have formed a Citizens Patrol Unit of around 30 people who actively monitor pumps in the area for signs of tampering and for the installation of illegal devices, the website Bank Info Security reported Tuesday.
But security experts say such campaigns are only a temporary solution, and gas stations as well as banks, which routinely suffer from similar problems with their ATMs, must do a better job training their own staff to look for skimming incidents.
Experts also say automated teller machines and self-service gas pumps need more built-in security from manufacturers to thwart skimming attacks, according to Bank Info Security. Experts said the real problem stems from the continued reliance in the U.S. on magnetic stripe cards, as opposed to the more secure chip and PIN technology used in other parts of the world for card transactions.
But Camarillo is not the only place using decidedly untechnological means to combat the fraud. In July, Gov. Jan Brewer of Arizona directed the state's Department of Weights and Measures to conduct gas pump inspections, Bank Info Security reported.
Keeps on Ticking
Using a shotgun is an old-fashioned way to rob a bank, but an ATM?
Not so fast.
The Lincoln (Neb.) Journal Star reported March 22 that a hooded man dressed in black and carrying a duffel bag approached an ATM there. He was observed by a witness and a nearby surveillance camera.
Though he reportedly first used a crowbar to attack the machine, when that did not yield results, he pulled a shotgun from his bag and
The suspect got no money, and reportedly fled down an alley after seeing the witness, who was driving nearby and had slowed down.
The gunshot blast caused $500 in damage to the ATM, though the machine reportedly remained operable.
Antivirus Attacked
Securing websites is a never-ending process: Even the site of the security and antivirus software company McAfee Inc. of Santa Clara, Calif.,
McAfee said it was working to fix the vulnerabilities, which it reportedly said included cross-site scripting at the download portion of the site. That flaw could allow hackers to direct traffic to fake McAfee sites, where valuable user information could be stolen.
Less pertinent to consumers, McAfee said other holes included access to applications that measured the site's Web traffic and to source code.
"McAfee has strict policies in place for its own websites and for services provided by third parties," it said, according to CNet. "We are investigating how these particular vulnerabilities were not identified in our screening process and will adjust our processes if necessary."
CNet reported this is not the first time that McAfee has had security issues on its website. It discovered similar problems in 2008 and 2009.
Seasonal Illnesses
South Korea's parliament has introduced a bill that would make
Other details of the bill would never pass muster in the U.S., and probably a lot of other countries: The bill would set up a commission that could stipulate which security and antivirus software providers South Koreans could use. It would also empower agents to examine the records, details and documents of any person or company who failed to comply with the legislation.
The bill compares computer infections to the flu, and says it is a national duty not to infect others. The same should hold true for computers, it argues.
Bathroom Break
Bankers know debit cards can cause huge security headaches, but they may not know
The Stamford Advocate reported Monday that a Norwalk, Conn., man was arrested and charged with breaking toilets in a bar after his girlfriend came by Sunday to retrieve the debit card he was using for his bar tab. He allegedly had been drinking since Friday.
Police charged Fredy Rodrigues-Canizalez with second-degree criminal mischief and disorderly conduct. He was held in lieu of $1,500 bond, the paper said.
Security Watch is a weekly roundup of news and developments in data security and their impact on financial services companies.
Please e-mail us any
