fight phising scams. The new SiteKey system uses images and text to reassure
customer they are using a genuine Bank of America Web site.
While I'm glad Bank of America is taking steps to protect
their customers from phishing attacks, I'm more concerned with insider data
theft. In May Bank of America notified at least60,000 customers that their accounts might be at risk. Bank of America
employees gave or sold account information to DRL Associates, a company that
claimed to provide bank account, balance, and employment information to debt
collectors. The data was then sold to collection agencies and law firms, among
others. In February Bank of America lost backup tapes containing Social Securitynumbers and credit card information of 1.2 million U.S. government employees.
Malicious employees and data handling mistakes pose a far
greater risk than phishing attacks. Recent security breaches illustrate that Bank
of America and other organizations could do better do protect the person datacustomers entrust them with.
Bill Detwiler has nothing to disclose. He doesn't hold investments in the technology companies he covers.
Bill Detwiler is Managing Editor of TechRepublic and Tech Pro Research and the host of Cracking Open, CNET and TechRepublic's popular online show. Prior to joining TechRepublic in 2000, Bill was an IT manager, database administrator, and desktop support specialist in the social research and energy industries. He has bachelor's and master's degrees from the University of Louisville, where he has also lectured on computer crime and crime prevention.