
Experts theorise about e-banking fraud

By Rodney Weidemann, ITWeb Contributor
Johannesburg, 24 Jul 2003

A number of experts have put forward theories as to how the Absa e-fraudster came to target the victims, and the reasons why they believe the crimes were only committed against residents in the Bellville area.

"These are obviously nothing more than theories, but there is a fair possibility that it may have been someone working for an IT company that provided support for the victims, as it would have been easy enough for a technician to install the keylogging software on their machines," says info-security specialist Andrew Thomas, of Hobbs & Associates Chartered Accountants.

"Someone who was providing support of this kind would also have been aware of exactly which people would make the best targets."

He says that other possibilities include Internet cafes, which are public places and hence easy targets for a thief to install the software onto, although this would depend on whether the victims used such places.

"Many of the banks also have in-house terminals which could easily have been tampered with by a potential fraudster, who could have had a relatively simple time placing keylogging software onto such a machine."

Olaf du Randt, an IT forensics expert and technical manager at security solutions and services provider AVeS Cyber Security, agrees with this theory.

"I would be inclined to think this ID fraud involved hardware or software placed at a strategic point, such as the branch's own unprotected Internet kiosk. This would explain why the victims were within the same geographical area.

"If it were an Internet-based attack, it would be unlikely to be as specific and in only one geographical area," says Du Randt.

According to Luc de Graeve, MD of IT security firm Sensepost, another possibility is that the fraudster managed to get hold of a list that had the victims' personal details - such as their e-mail addresses - and used this to send them the Trojan that may have infected the machines with the keylogging software.

"This is not to say that the list had anything to do with Absa - it may well have been one that was hacked from a company, lawyer, accountant or even an online shopping destination that the users frequented.

"This entire issue has not been pleasant for anyone, but people need to remember that there is always a residual risk when financial transactions are conducted, whatever medium they are conducted through," says De Graeve.

Thomas agrees, saying there is always a trade-off between security and ease of use, and it is up to the banks to try to strike a good balance.

"One potential security measure that could be investigated is for users to point to an onscreen keyboard and use mouse-clicks to 'type' in their passwords. That way, there would be no keystrokes to be logged."

He believes the banks must accept their share of the blame, as it is unfair on the users - given the level of the technology - to place the onus for security completely on them.

"The public information that has been disseminated by the banks has been that this method is safe and secure, but I don't believe it is feasible for anyone to be completely protected from this sort of thing, so there should be a sharing of the responsibility."

In other news, ITWeb has been informed that Absa is in the process of installing anti-keylogger software on all its in-house banking terminals.

Related stories:
Experts slam Absa on ID fraud
The e-banking fraud blame game
Banks meet on Internet fraud
Online banking ID fraud sparks fears
Banks say education stops online fraud
eBlaster tool may be Absa fraud culprit
