U.S. urges banks to tighten online fraud protections
WASHINGTON (Reuters) - Bank regulators warned banks to be on guard against increasingly clever computer hacking on Tuesday, indicating heightened alert against security breaches that have plagued government and corporate institutions in recent weeks.
The Federal Financial Institutions Council -- an interagency group that includes the Federal Reserve, the Office of the Comptroller of the Currency, and the Federal Deposit Insurance Corp -- issued a reminder to banks to use more than one form of authentication for online consumers.
"Fraudsters have continued to develop and deploy more sophisticated, effective and malicious methods to compromise authentication mechanisms and gain unauthorized access to customers' online accounts," the council said.
The warning comes after a series of high-profile security breaches including a threat to the Fed by a hacking group. The threat never materialized.
Last week hackers disabled the Brazilian statistics agency's website for five hours. Citigroup Inc and the Senate have also been targets of recent cyber attacks.
Regulators are concerned protections put in place in response to recommendations six years ago have become less effective.
Programs that record a computer user's keystrokes have been increasingly effective in stealing identifying information and passwords, regulators said.
"Institutions should no longer rely on one form of customer authentication," they said.
Financial institutions are required to review and update their assessments of computer security risks at least every 12 months.
(Reporting by Mark Felsenthal; Editing by Padraic Cassidy and Leslie Adler)