By Shane Schick
The securities firms that reported the breach have not confirmed the
means by which accounts were accessed, but the Investment Dealers
Association (IDA) pointed to pharming Web sites as another possible
Only two accounts were affected, although the IDA said it was alerted by
a U.S. regulator about a similar situation that happened there.
In the instances reported to the IDA, client portfolios were sold out,
the warning notice posted on the IDA Web site says. The credit was then
used to place buy orders for specific securities listed on the OTC
Bulletin Board or NASDAQ pink sheets.
IDA vice-president of enforcement Alex Popovic said it was the first
time the association has been notified of a security breach involving
the online accounts of its member institutions. The security of the
account system itself wasn't compromised, he said. There's encryption
you would need to get past to get in, but the weak point is the person
that accesses it - if they have somehow disclosed their password.
Vince Hwang, group product manager at Symantec Security Response, said
some criminals use a combination of phishing e-mail messages and
vulnerabilities in Microsoft operating system environments to download
malicious software that can record keystrokes or find other ways to get
into a system. In general, the attacks are becoming more sophisticated
because the motivation is financial gain.
They're taking the time to craft these socially engineered messages,
said Hwang. Some pharming Web sites may in fact take users to the
legitimate secure area of a financial institution's Web site first but
include an additional link to verify status.
Visit the InfoSec News store!