http://www.theadvertiser.news.com.au/common/story_page/0,5936,8912876%255E421,00.html By Simon Atkinson and Michael Corkill 09 mar 04 ONLINE banking in Australia was fraught with danger and "manifestly not suitable" for Internet transactions via the home computer, says leading Internet security expert, Professor Bill Caelli, AO. Professor Caelli, who recently briefed US policy advisers on Internet security, yesterday warned people to stop using home computers for personal banking or "any other sort of secure transaction". "A home PC was never designed for home banking," said Professor Caelli, who heads QUT's School of Software Engineering and Data Communications. "Do not use it, it's no longer safe." The blunt warning followed the emergence of a spate of fraudulent e-mails which targeted bank customers in a bid to get them to reveal passwords or personal account details such as pin numbers. However, the Australian Bankers' Association yesterday blasted Professor Caelli's comments as "not appropriate" considering the level of online banking crime. "It is like telling people to stop driving their cars because the roads are not safe," said ABA chief executive David Bell. "All users of the Internet have a responsibility to protect themselves against Internet crime, in the same way that they buy cars with safety and security features to protect themselves against injury or financial loss." The Brisbane-based Australian Computer Emergency Response Team (ACERT), which handles national computer threats, said it had seen a steady rise in e-mail "phishing expeditions" by hackers (attempts to persuade consumers to click on fake web banking pages and thereby gain access to account information and passwords). "It is not a major problem but it is a major concern," said general manager Graham Ingram. "Credit card fraud is more significant in terms of losses compared with Internet banking fraud." The Australian High Tech Crime Centre in Sydney, which works alongside ACERT, said its online fraud investigations were targeting customers, not banks. It advised people not to go online with an Internet account without first installing anti-virus, anti-spam, and firewall protection software. "Internet banking customers should never divulge account information to a third party (and) never respond to unsolicited e-mails in particular. Banks will never e-mail customers and seek to clarify personal details." Australia's major banks all feature security information on their websites. However Griffith University network security lecturer Dr Vallipuram Muthukkumarasamy said most banks would not admit being the victim of computer hackers. He said academics knew that "several banks have been compromised not only in Australia but in other countries". In December the Commonwealth Bank publicly warned Netbank customers about an e-mail scam. A bank spokesman said security was never compromised. Meanwhile CMC chairman Brendan Butler, SC, yesterday held a press conference in Brisbane to warn of the increased risk of "cyber traps" on the Internet. He said financial fraud was the most common type of computer-related crime in Australia, along with laptop theft and the release of e-mail viruses. A Bank of Queensland spokesman said online customers should "protect their personal computer like they would protect their wallet". "Obviously you would not walk around with $10,000 sticking out of your top pocket, and neither should you leave yourself open to hackers by not having Internet security and virus software on your home computers," he said. - ISN is currently hosted by Attrition.org To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Mar 09 2004 - 03:26:13 PST