Today in eChannelLine they published a story "North America next on the fraud hit list". The article points out several analysts views on online fraud trends.
Essentially, it says that Asia and Europe are currently getting hit with malware comprised of trojan attacks while the US is getting hit more with phishing. The article then goes on to point out that the use of trojans will become dominant during the coming year. I generally agree with the analysis.
I don't agree with one point made in the article. "In Germany and Switzerland, where strong authentication is mandated by law, financial institutions' customers have a printed matrix with secret passcodes. Phishing attacks are useless against them."
This may be true for older style phishing attacks but it's definitely not true for current ones. As I've documented in earlier blogs, the modern phishing attacks get the user to click on a link that takes them to a false bank website. There the user enters in their strong authentication, which is instantly passed to the real bank website to authenticate the user. ABN Amro found out their strong authentication was bypassed this way just a few weeks ago.
However, the article is generally a good quick overview of the growing trend and definitely worth a read.
Guy
www.authenticationworld.com
guy.huntington@authenticationworld.com
del.icio.us