The Internet Crime Complaint Center (IC3) has been made aware of a new Citadel malware platform used to deliver ransomware, named Reveton. The ransomware lures the victim to a drive-by download website, at which time the ransomware is installed on the user’s computer. Once installed, the computer freezes and a screen is displayed warning the […]
Examiners have made it clear: if your management team understands the risk exposure of information and technology to your bank, you are definitely heading in the right direction. If risk is considered in all technology decision making, an effective IT risk management process has been implemented. The standards themselves call for a risk assessment of […]
Are you ready to integrate the Supplement compliance requirements with your existing awareness training program? Our own Dan Hadaway CRISC, has arranged to deliver a workshop on awareness training with the Indiana Bankers Association that will not only show how banks are accomplishing this daunting task, but he’ll also provide deliverables and instruction on how […]
The Federal Financial Institutions Examination Council (FFIEC) has announced that the organization has upgraded the functions and features of the InfoBase for the FFIEC Information Technology Examination Handbook (IT Handbook). The IT Handbook consists of 11 booklets covering a variety of technology and technology-related risk management guidance for financial institutions and examiners.
In November, we posted an article informing you of Operation Ghost Click, an investigation that resulted in the arrests of a ring of seven people who allegedly infected millions of computers with DNSChanger malware. Per court order, the FBI was being allowed to provide clean servers until March 8th. That expiration date has now been extended until July.
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent e-mails that have the appearance of being sent from the Publishers Clearing House that make reference to the FDIC.
It’s hard to believe almost a year ago Infotex set out on the path to create a new “branchless banking kit” which would include all the IT Policy and Procedure templates necessary to address a total re-write of the typical “E-banking Policy.” The decision to do this was accompanied by an article in Dan’s New Leaf entitled “Manifesto: Time to Revolutionize our E-banking Policies.”
Are you ready to integrate the Supplement compliance requirements with your existing awareness training program? Our own Dan Hadaway CRISC, has arranged to deliver a workshop on awareness training with the Community Bankers Association of Ohio and the Indiana Bankers Association that will not only show how banks are accomplishing this daunting task, but he’ll […]
Of the professions that I would think would be the last on the target list for the bad guys, I would expect it to be law firms. However, to my dismay, this is not the case. The IC3 has continued to receive reports of counterfeit check schemes targeting U.S. law firms.
It has become a habit of the “bad guys”…. a disaster strikes and thus the bad guys take advantage of the situation. We have seen it time and time again. As if the victims of the disaster (e.g. tornado, hurricane, etc. etc.) haven’t been through enough. As it is, the Department of Justice, the FBI, and the National Center for Disaster Fraud (NCDF) are reminding the public there is a potential for disaster fraud in the aftermath of a natural disaster.