Tag Archive for: wrong

Commentary: Right intention, wrong approach for OCBC and its new anti-scam measure


On the flip side, there’s also the risk of being too stringent. For instance, in their bid to counter fraudulent activities, some banks employ rigorous transaction verification processes that can sometimes decline legitimate transactions.

Rather than just imposing technological restrictions, perhaps a more holistic approach – combining technology with user education – would be more effective. By fostering a user base that is informed about the dangers of third-party downloads and equipped to discern app permissions, the bank can bolster its defenses.

BANKS AND USERS MUST SHARE RESPONSIBILITY

OCBC’s move underscores a broader, industry-wide debate in which banks are walking the tightrope in an era of relentless digital transformation to maintain trust, especially as financial institutions will be expected to share liabilities in scam cases under an upcoming government framework.

The financial sector has thrived on customer trust. Security measures they implement, while ensuring safety, must not compromise this integral relationship.

It’s a complex interplay of trust, security, and convenience. It’s not just about stopping potential threats but also about ensuring that in doing so, the banks do not alienate their customers.

Banks need to understand that in the age of digitisation, customer expectations are evolving. They desire a mix of security, which protects them, and autonomy, which doesn’t make them feel surveilled or restricted. The challenge here lies in combining the two.

OCBC’s decision, while well-intentioned, highlights the intrinsic challenge digital banks face between ensuring a harmonious user experience and robust security. This measure might come off as overbearing to some, yet it underscores an immutable fact – in the realm of digital banking, both the institution and its users bear the responsibility of safeguarding against cyber threats.

The task of ensuring robust security isn’t solely the bank’s prerogative; users too need to be vigilant and well-informed.

Dr Jonathan Chang is CEO of Fintopia Indonesia – a digital lending fintech unicorn. He is also a lecturer, public policy advisor and an award-winning researcher.


Is Louisiana’s ID Verification Mandate a Step in the Wrong Direction? – Global Village Space


It was recently announced that Louisiana had introduced legislation that requires users of adult websites to show identification to access the pages. This has stirred up plenty of questions about how much authority governments can have over the policing of the internet.

Aside from the ethical debates surrounding the news, it also feels like this is a step backward. Technology is moving forward rapidly, and improved methods of authentication are already emerging. A more sensible solution could be to jump on the growing trend of biometric technology for accessing websites.

What is the Louisiana Mandate?

PIA reported that lawmakers in Louisiana have decided to implement a new rule for accessing adult websites. In a push to ensure that children don’t encounter content that could be damaging to them, internet users in the state will now be required to use their personal identification credentials to log on.

Experts have noted how other countries, including the UK, Australia, and Germany, have all attempted similar measures in the past. None of these worked. In fact, collecting IDs for age verification can have serious knock-on effects when it comes to data privacy.

This highlights the need for more modern approaches to authentication that are in line with the advancing technological world. Biometrics has already started to creep in on devices and some sites. However, it hasn’t yet become widespread or been used as an alternative to traditional identification methods.

How Far Away are We From Ubiquitous Biometrics?

According to Grand View Research, the global biometrics market will be worth around $60 billion by 2025. It is growing at a rate of 20.4 percent each year, and this is being driven by the increased demand for enhanced security methods.

Issues Arising from Biometrics

For the technology to be used for logging on to all sites and devices, internet users need reassurance that their data won’t be sold or lost to third parties.

Like it or not, biometric technology is on the way, and some people believe that it is a great step forward. There’s no doubt, though, that western countries will need to learn how to cope with these challenges. There…


One wrong click could wipe out your savings


KUALA LUMPUR: Thanks to smartphones, we have the entire world at our feet, but one wrong click could be enough to put your data and life savings at risk.

Of late, some individuals have reportedly suffered losses from cyber-crime frauds. The issue has undoubtedly triggered concerns among the public, especially on the cyber security risk level of the nation’s financial institutions.

Without a doubt, the spate of cyber crime cases has caused some members of the public to lose faith in banks as the custodians of public money, as they feel that their deposits are no longer safe in the bank. Of concern are reports that banks are not taking responsibility for the crimes which are committed before “their very eyes.”

In light of these developments, Bank Negara Malaysia (BNM) has recently instructed financial institutions to implement five measures to further strengthen safeguards against financial scams.

Among others, banks are required to migrate from SMS One Time Passwords (OTP) to more secure forms of authentication; tighten fraud detection rules and triggers for blocking suspected scam transactions; and customers will be restricted to one mobile or secure device for the authentication of online banking transactions.

Meanwhile, the banking industry has also launched the National Scam Awareness Campaign to help members of the public remember three simple steps, also known as the 3-second rule, that is, ‘Stop, Think, Block’ (‘Awas, Fikir, Blok’).

Data intrusion

However, despite the various initiatives undertaken by the relevant authorities, experts said financial fraud will continue to rear its ugly head as long as users lack technological knowledge and let their guard down.

Dr Juhaida Abu Bakar, a senior lecturer at the School of Economics, Finance and Banking, Universiti Utara Malaysia, told Bernama that ‘phishing’ is commonly used by cyber criminals to ‘fish’ for users’ data from their smartphones.

She said that through phishing, bank customers are trapped by the various links sent to their smartphones via e-mails, SMS and also mobile apps by irresponsible parties, including scammers or hackers.

She said phone users are also exposed to mobile spyware, a…


Hackers Attack UK Water Supplier, Send Ransom Demand to the Wrong Company



Hackers infiltrated the corporate side of a utility that supplies water to about 1.3 million people in the United Kingdom. However, the apparent data breach may not have been the one the cyber-criminals were aiming for.

Ransomware gang ClOP (previously responsible for one of 2021’s biggest hacks) claimed to have infiltrated Thames Water, the United Kingdom’s largest drinking water utility, on Monday, according to a report from Bleeping Computer. However, the utility denied any breach of its system. Meanwhile, another UK utility, South Staffordshire Water, confirmed it was attacked.

Thames Water services 15 million people, more than ten times the scale of South Staffordshire. So, although any attack on a public utility is clearly bad, there’s a big difference between the scale of what ClOP claimed and what utilities copped to.


Hackers’ Claims Against Utilities

South Staffordshire PLC (the parent company of South Staffordshire Water) admitted its corporate IT network had been accessed by hackers, in a public statement published Monday. However, SSW didn’t indicate that they’d been contacted for ransom. “We are experiencing disruption to our corporate IT network and our teams are working to resolve this as quickly as possible. It is important to stress that our customer service teams are operating as usual,” the company wrote. The water provider further claimed that “this incident has not affected our ability to supply safe water.”

Aside from the company statements, evidence of the reported cyber-criminal confusion appeared in screenshots that Bleeping Computer published from ClOP’s Tor site. The cyber gang reportedly wrote that they had breached and “spent months in” Thames Water’s system. However, to back up their hack success, they posted email lists clearly associated with South Staffordshire Water (not Thames)…
