The OECD and Cyberfraud
The OECD has released an 8-page Policy Brief, Protecting Consumers from Cyberfraud, that is worth a gander. As well as old favourites like spam, the report discusses phishing, spear-phishing, vishing, pharming, malware, keyloggers and spyware.
It also quotes an OECD report from 2005 that reiterated that no-one is immune from cyberfraud, as anyone can fall victim to ever more sophisticated online scams. The report also provides interesting EU data, reflected elsewhere in the world, to the effect that 90% of e-commerce is business to business (B2B), rather than business to consumer (B2C), and poses the question of whether that fact is attributable to consumer concerns about data security breaches and cyberfraud.
The Visa global security survey from earlier this year would appear to support that hypothesis, with consumers more fearful of data theft than terrorism.
The report is not news to anyone studying the issues religiously, but nonetheless it is a concise overview of the current situation. It also highlights an important issue: many victimized consumers have no viable, cost-effective legal recourse against cyber-criminals, and little hope of recovery. This realization will do little to engender trust in the Internet as a preferred means for doing business.
In China, banks have the upper hand
Reports (in Chinese) indicate that consumers in China who fall victim to cyberfraud must meet a reverse onus and prove that the bank was at fault. Apparently, irate consumers have started an online campaign to try to get redress for their claims, and to publicize their cause: a potentially dangerous activity in China.
However, lest we feel superior in the west, it is by no means unheard of for western banks, most notoriously in the UK, to adopt a similar position and force plaintiffs to effectively prove that banking systems were insecure or vulnerable during the relevant time-frame, thus causing or contributing to their loss, while also denying plaintiff experts access to these very same systems to test their inviolability.
The cost of doing the right thing
Financial services companies that indemnify their clients for online fraud may be feeling the pinch, according to this Reuters report, in the wake of the recent warning from the SEC (U.S. Securities and Exchange Commission) that ‘hackers based in eastern Europe are looting online brokerage accounts in the US in increasing numbers’.
TD Ameritrade Holding Corp. is the latest victim: it paid out $4 million in the third quarter to reimburse customers whose accounts had been hacked. Also hit was rival E*Trade Financial Corp.: its recent fraud losses have skyrocketed, increasing by $18 million in the third quarter, for similar reasons.
Anti-virus companies I have interviewed in recent months play down the keylogger/spyware threat, as if it is non-existent, but in the real world, it still seems to be taking a bite out of consumers, and businesses that indemnify them against losses.
The hackers, as always, have found the easiest way in, and target investors who unadvisedly access their online brokerage accounts at public terminals, presumably at Internet cafes or the local Kinko’s. Such public terminals are often riddled with spyware, and you use them at your peril.
Remember, companies that will look sympathetically on your plight, and reimburse you, are vastly in the minority. They would also be within their rights to argue that you need to take some basic precautions to protect yourself and your nest egg.
These companies are businesses, after all, not Mother Teresa, so don't push your luck.