OF FOOLS OF THE MIDDLE BELT, ONE NORTH AND PASTORA... » SERIES: BUHARISM AND THE FIERCE URGENCY OF NOW A treatise on pastoral jihadism, islamism, arabism a... Home Secretary’s statement on the Manchester attac... » I know that some people will only just be waking up to the news of the horrific attacks in Mancheste... Checkpoint Systems unveils Bug Tag 2 loss preventi... » Checkpoint Systems has announced the launch of Bug Tag 2 – an innovative loss prevention solution th... Edesix launches new head and torso mounted body wo... » Edesix has announced the launch of new head and torso mounted cameras. The X-100 is a side-mounta... Banknote Watch offers essential advice as old £5 i... » As of Friday 5th May 2017, the paper £5 note was officially withdrawn from circulation and no lo... Neustar International Security Council launched ... » LONDON, UK: Neustar, Inc. has announced the launch of the Neustar International Security Council (NI... RiskIQ Digital Threat Management Platform Recognis... » LONDON, UK: RiskIQ has been recognised in an Ovum Research “On the Radar” report for providing orga... ExtraHop introduces new professional services fo... » UK: Today at Interop ITX has announced new professional services for cloud migration, datacenter mig... MIKE SMITH BECOMES NEW ECA PRESIDENT » A highly respected electrical engineer and businessperson – Mike Smith of SES Engineering Services –... Patriot One obtains purchase agreement with rese... » TORONTO:  Patriot One Technologies Inc. has announced a reseller agreement with Information Technolo...

CLICK HERE TO

SOCIAL BOOKMARK

Got News?

Got news for Vigilance?

Have you got news/articles for us? We welcome news stories and articles from security experts, intelligence analysts, industry players, security correspondents in the main stream media and our numerous readers across the globe.

READ MORE

Subscribe to Vigilance Weekly

Appointments

Earlier this week, AdaptiveMobile released a blog post which examined application-to-person (A2P) SMS banking scams, specifically as they relate to identity theft. Attackers are increasingly using creative social engineering led approaches to trick individuals into giving away personal information, allowing an attacker to impersonate a victim resulting in financial gain for the perpetrator. The post also looked at the recent Barclay’s TV advert which examines the same topic.

 

Commenting on this, Robert Capps, VP of business development at NuData Security, said: "The lack of standard trust indicators in SMS, coupled with the seemingly organic deployment of SMS as a messaging and authentication channel for online transactions, has not only led to consumer confusion. It’s also opened a wide channel for fraudsters to socially engineer consumers into disclosing their personal information.

It’s also not an unique attack. Other convenient forms of consumer communication like email and telephone calls have been utilised by cyber criminals in similar ways in the past, so perhaps it’s no surprise to find creative uses of the same old trick being employed.

At the root of this issue, is the continued reliance on the traditional (but tired) username and password authentication framework. It’s still the sole method of verifying consumer identity in many non face to face transactions. Coupled with weak auxiliary authentication schemes that have been duct taped on top of this framework, such as SMS challenges, and secret questions and answers, it’s no wonder that consumer authentication is a mess.

Traditionally, online authentication boiled down to a choice between “effective”, “easy” and “low friction”, where you can only pick two options. Execs are always biased toward tangibles, so the option usually left on the ground was customer experience (friction). Growing respect for the value of customer experience, plus advances in behavioural techniques and evaluation of human interactional signals, has injected new life in to these tired techniques. The great part about these new behavioural authentication technologies is that they provide real security for customers and their accounts, without negatively impacting the customer experience.”