TRENDING:

BankInfoSecurity.com Interviews Markus Jakobsson - Part 2 of 2

January 29, 2007     20 minutes   
Listen to BankInfoSecurity’s latest podcast as a leading phishing researcher explains some of his newest findings on phishing. Dr. Markus Jakobsson is a professor at Indiana University, and a research fellow with the Anti Phishing Working Group (AWPG). Dr. Jakobsson is also Associate Director of the Center of Applied Cybersecurity Research, and a founder of RavenWhite Inc., and he heads the efforts at www.stop-phishing.com.

Author and inventor of more than fifty patents, Jakobsson’s research delves into not the technical aspects of phishing and other types of cyber attacks, but also focuses on the human aspect. His latest paper, “The Human Factor in Phishing” is discussed in this two-part podcast.

During the interview Dr. Jakobsson describes the research he is doing on fraud, social engineering and phishing, and the prevention of these attacks. His interview is not to be missed, as he explains some of the new ways attackers are targeting the customers of banks and credit unions.Excerpt from podcast:

LINDA MCGLASSON: Do you recommend financial institutions also take the domain names that match existing or future potential services or features of the institution or its competitors? And what about how they should handle institutions that are merging, and possible misuse of domain names in that case?

MARKUS JAKOBSSON: This is a good question. Let me answer this by two examples. Some time ago, Bank One was acquired by Chase. And this became a very vulnerable time to clients of Bank One, because they weren’t quite aware of what Chase looked like, and what the form of logging into Chase was. Nor were they, they weren’t so sure about the URLs and all other aspects of online banking, either. So, say that a phisher would register a domain like bankonebecomeschase.com. Most people would find that rather plausible, I would argue. And so, then you take advantage of the fact that people are vulnerable, at the same time as you have an opening to use a new domain name that wasn’t very meaningful before. Another thing that you could do is, if you are bank, apart from registering these in advance, would be to look at attacks that are occurring and targeting other financial institutions.

Previous
BankInfoSecurity.com Interviews Markus Jakobsson - Part 1 of 2
Next
RSA Conference 2007 Vendor Interviews



Around the Network

Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Why Health Firms Struggle with Cybersecurity Frameworks
Why Health Firms Struggle with Cybersecurity Frameworks
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.in, you agree to our use of cookies.