Page 92 - Cyber Warnings
P. 92
third party’s infected system to infect Tesco Bank’s system. This is much like person A, who has
the flu, shaking hands with person B and passing the virus.
There had been issues in the past with their web-based systems. In 2014 thousands of Tesco
Bank accounts were deactivated after the client’s login IDs and passwords were shared online.
Reaction
Outwardly facing, the bank’s reaction to this was limited. The bank did not limit the funds to be
drawn from ATMs, use of most debit or credit cards, and pay bills. A relative few of the client’s
cards were shut down. The bank did however suspend its online transactions.
Guidance for Customers
If your bank is a victim of this, there are many steps available to follow to protect yourself, your
money, and personal, confidential information. With passwords, the password should be
challenging. The 12345678 or 23456789 would not be recommended. There should be the
upper and lower case, numbers, and special characters.
Any personal information, such as the street you grew up on or your first pet’s name, should not
be included in the password. This information could be secured from other online resources.
The same password should not be used for the various websites. This may be tempting,
however the attackers know it is also. The client would not want to provide access to all of their
websites by using one password for them all.
When possible if offered, two factor authentication should be used. Granted this is one more
step, but it will however add a new level of security and complexity the attackers may not want
to deal with.
About The Author
Charles Parker, II can be reached online at [email protected] and
InfoSecPirate (Twitter).
92 Cyber Warnings E-Magazine – May 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
