Identity thieves have moved on from banks and are now targeting online brokerages with increasingly sophisticated attacks, according to an expert in security and authentication.
The first assault appeared in July, in which a man-in-the-middle attack defeated security measures once thought to be impregnable.
Financial institutions are now having to rethink how to protect their online banking customers, according to authentication firm Arcot Systems.
Hackers broke into customer accounts at large online brokerages in the US last month and made unauthorised trades worth millions of dollars.
Arcot explained that these scams typically start with a hacker gaining access to username and password information through phishing and key-logging attacks.
"With the increase in consumer use of the Internet for personal finance, financial institutions are having a problem staying ahead of the hackers," the company said.
"In these and other cases, hackers were able to bypass multiple layers of security and gain access to their accounts.
"These attacks accentuate the need for all financial institutions, not just those regulated by FFIEC guidelines, to adopt a strong authentication solution to reduce online identity theft and fraud, enhance customer trust and protect their assets."
Arcot recommends an authentication system that ensures the identity of the user and the site to which they are logging on.
This solution must prevent phishing, man-in-the-middle, keystroke logger and other Internet attacks, while providing a simple authentication experience for customers, employees and partners.
Hackers target online brokerages
By Clement James on Nov 14, 2006 9:45AM