Trusteer allows financial institutions to protect user accounts when private information is stolen

(01/08/2008)

The introduction of phishing filters that block access to malicious websites has forced fraudsters to change their ways. Mass phishing campaigns are now less likely to succeed since most browsers implement black-list and heuristic-based anti-phishing filters, which are updated when monitoring services detect large attacks. In response, criminals now gather intelligence on their victims and launch very targeted and convincing attacks on small user populations that are not easily detected by monitoring services. Phishers also test their websites against browser filters and security products to make sure they elude heuristic-based security mechanisms.

Protecting customers from Internet fraud is emerging as a key concern for financial institutions, as well as other online businesses. On July 11, the UK House of Lords Science and Technology Committee called on the government to make banks, not customers, legally liable for internet fraud. In its report, The Committee claims that, under the current system, banks often deny liability for password and PIN fraud, claiming customer negligence or even complicity in the fraud.

To reduce fraud and asset theft associated with targeted phishing attacks, Trusteer has enhanced its Rapport product with an alert service that allows financial institutions to protect user accounts when private information is stolen. When a user browses to an unknown URL, the new Trusteer cloud-based service instantly runs a comparison of the site against all Rapport protected websites. If the visited website resembles any of the protected sites, the Trusteer anti-phishing service performs a comprehensive assessment to determine whether it is impersonating the legitimate site. When necessary, the suspected website is inspected by a Trusteer fraud expert.

If the website is found to be criminal, the Trusteer service performs the following actions:
1. Automatically alerts the authentic website owner that their customer accessed a fraudulent website. This alert includes the information the service provider needs to recover the user's account details, suspend the account, and contact the customer so they can reset the account.
2. Updates all Rapport desktop agents with this malicious website to prevent further access to it.
3. Notifies browser vendors of this malicious website so they can update their filters.

Discount brokerage firm Muriel Siebert is a current user of the Trusteer product. Muriel Siebert, the Founder, Chairwoman, CEO and President of Muriel Siebert & Co., Inc. stated, "My firm is providing our customers with enhanced internet security capabilities. We believe that the new Trusteer anti-phishing service will create a valuable additional layer of protection for us and our account holders."

"Trusteer's mission is to continually enhance Rapport to make it extremely difficult for attackers to compromise users' confidential information and defraud service providers," said Mickey Boodaei, CEO of Trusteer. "This new cloud-based service provides timely alerts that allow financial institutions, and other online businesses, to protect customer accounts against attacks that bypass anti-phishing filters as well as operator error by the end-user."

The updated version of Rapport is available immediately from Trusteer. Pricing starts at $50,000.

Related topics:  Data management and data security   Hacking and intrusion prevention   Internet and Web security 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources