Press Release
Fight keylogging & phishing with OTP's
15 August 2005
Identity theft is the fastest growing on-line crime. Passwords are the target for these attackers and effective defence starts by replacing static passwords with dynamic One-Time Passcodes.
The press is full of stories about keyboard logging and phishing scams. These attacks are aimed at stealing the passwords and other digital identity details of their victims.
'Keyboard logging' was used in the recent Sumitomo bank drama to record and transmit to the attackers every keystroke typed by the bank's sysadmins, including their login names and passwords to the bank's mainframe and other key systems.
Keyloggers can be either software based, introduced remotely by a virus, or a hardware device costing just a few dollars that is simply plugged into the keyboard socket of the victim's PC!
'Phishing' is the process of sending spoof or fake email to trick users of on-line financial providers into revealing the userids, PINs and passwords of their accounts.
Essentially the scammers are 'fishing' on line for your identity and financial information.
One-time passcodes are your first line of defence: Static passwords are sitting targets for both phishing and keylogging attacks. Once captured the password can be used at leisure by the attacker again and again.
One of the key steps you must take to build your defences against these identity attacks is to move your users from static password authentication to dynamic one-time passcodes (OTPs) such as provided by Signify.
For more details, click here
