Information security experts show bank clients why vigilance against fraud needs to come from customers too

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.
Data pix.

HUNTSVILLE, Ala. (WHNT) - First Commercial Bank of Huntsville welcomed customers for some food, some mingling, and some education Tuesday.

Bank President Beth Sippel notes, "In this age of technology, our customers expect convenience in accessing their bank accounts and with that convenience comes increased responsibility from the bank and the customer side to make sure that we're being vigilant in protecting information."

Now, information security is very much about talking to people, sharing threats with them, and raising awareness.

Sippel assesses, "Customer education is really the most important thing that we can do, because if we partner together against crimes and fraud, then we'll all be successful."

Now this seminar is narrowly tailored. It's businesses that rely on the bank, but the broader message applies far outside the conference room.

Sippel shares it, "I think one key lesson is just always being aware, remembering that every email that you open has potential for fraud."

Troy McCartney proves it.

He's a senior tech at F1 Solutions, and he's showing off how little information it takes to launch an attack.

For example, he points out to the crowd, if he can find your Facebook, he might be able to take down your whole operation -- just by, say, knowing that you're on vacation, "Call up their company, 'Hey, Jim told me to come by while he was on vacation to come through and spray for bugs.' I go through and I spray for bugs, because I know Jim and Jim is on vacation. I come through, and I spray for bugs, when it's really just Gatorade in my bottle that I'm spraying on the floor. Then I can plug a malicious USB drive in a computer somewhere, have access to the building, and there you go."

Dangerous weapons look different these days.

"These devices," McCartney says, brandishing a thumb drive, "Today can basically be considered hypodermic needles."

He shares a few more findings with the audience here at the seminar. A bank executive volunteered to be researched.

In under an hour, Troy found the name of his childhood street, all his childhood neighbors, the names of his parents, even his father's draft card from World War II.

He knows his daughter recently got married. He knows the conferences he attends.

He knows enough to build a very personalized ruse to get his trust, and then, as Troy puts it, "Game over."

Data pix.
Notice: you are using an outdated browser. Microsoft does not recommend using IE as your default browser. Some features on this website, like video and images, might not work properly. For the best experience, please upgrade your browser.