Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Rollout: RSA FraudAction Anti-Trojan service

The Upshot


Claim
Malware that steals customers' credentials or tricks them into conducting illegitimate transactions is a real problem for financial institutions. The RSA FraudAction Anti-Trojan service aims to counter the threat by working with ISPs to take down sites that spread Trojans and collect credentials.
Context
The anti-Trojan service is the first of its kind. It's an extension of RSA's antiphishing service, which works to take phishing sites offline. MarkMonitor, RSA's biggest competitor for phishing-site takedown services, doesn't address Trojans, but there's little to prevent MarkMonitor from launching such a service.
Credibility
RSA's service, though reactive and dependent on the goodwill of national and foreign ISPs, will help track threats and close off infection vectors and data collection sites. Still, services such as FraudAction should be only part of the solution. Companies must understand the limitations and consult with their legal departments before signing on.

RSA FraudAction

Doesn't anyone rob banks with guns anymore? In 2006, 55 Brazilians were arrested for stealing $4.7 million from several financial institutions using credentials gathered by keylogging software, while Russian thieves were nabbed for stealing $1.1 million, again using account information stolen via Trojans.

A new service aims to help financial institutions, online auction sites and fund-transfer companies stop Trojans before they can victimize customers. The RSA FraudAction Anti-Trojan service identifies keyloggers, session hijackers and other malicious software, then works with ISPs and law enforcement to take down the sites that distribute Trojans and collect stolen credentials.

RSA FraudAction is a compromise: Financial institutions take action to eradicate malware without having to muck around with customers' computers. However, the service is reactive, relying on antivirus software to find existent malware. It also provides an excuse to delay the adoption of solutions such as out-of-band transaction authentication that would more effectively prevent fraud.

Beware Geeks Bearing Gifts

  • 1