Internet banking security criticised

Sep 28 2006

Britain's major banks have been criticized in a new study for failing to adequately protect their online banking customers.

A report by Heise Security claims that many ebanking sites contain vulnerabilities and flaws that can be exploited by web criminals, the Register reports.

The company also states that security holes can make it easier for phishing scammers to create more convincing attacks and employ frame spoofing techniques.

Heise has now published a series of demos explaining how phishers could overlay rogue frames on the pages of a number of leading banks, including NatWest, Cahoot, First Direct, the Bank of England, Link, Bank of Scotland and Bank of Ireland.

NatWest and UBS are understood to have improved their website security in light of the revelations, but many other sites remain vulnerable because of out-of-date browser software.

A handful of banks, such as Barclays, HSBC and Halifax, are not at risk according to the Heise tests and the company is urging companies to boost security on their websites.

Germany is currently attempting to crack down on computer hacking with a series of proposed updates to computer hacking legislation that would make denial of service attacks, hacking attacks against individuals and gaining access to data criminal offences. The plans would also raise the maximum penalty for hacking to ten years in jail.


Blueprint for Cyber Security

Our vision is a world properly protected from cyber threat. This blueprint sets out how we can deliver that solution, starting in health and care.