소개글

호주 국립 은행에서 피싱 이메일에 대한 경고를 고객들에게 보내어 피싱 이메일에 대한 대응과 인터넷 뱅킹 보안 정책이 어떻게 수립되어 있는지 그리고 문제점은 없는 지 분석해보았습니다. 영문으로 작성되어 있습니다.

목차

없음

본문내용

Introduction
Online security is major issues for organizations that have an e-business presence (Mitigating). Following the Internet is opened to public, some people begin to gather others identity which called identity theft. For last decade, this attack attempt has been increased significantly. Phishing is one form of identity theft. According to the Anti-Phishing Working Group (APWG)`s research, some 75 to 150 million phishing emails are sent everyday on the net (Analysis Papers). Those phish-er`s ultimate purpose is to steal others money. These attacks caused financial losses in the banking industry to be about US $ 1.2 billion in the US alone in 2003 (Analysis Papers). It is obvious that all banks are quite concerned about online security. The trand of phishing attack is moving from well-known bank to regional bank. Recently, one of Australian bank is attacked by phishing. This report will show how the attack is happened and how the victim bank responds to the attack.

<중 략>

After reviewing this case study, the phish attack to the NAB customer is well protected by NAB`s security defense program. However the phish attack itself is not necessary to implement by high technology or special tools. Any naive and uneducated consumers may deceived by this attack.

참고 자료

American Society for Training and development (ASTD). (2001). A vision of e-learning for America’s workforce: Report of the commission on technology and adult learning. Retrieved from http://www.astd.org/astd/publications/whitepapers/about_whitepapers

Code of Banking Practice setting standards for good banking practice. (n.d.). National Australia Bank. Retrieved from
http://www.nab.com.au/wps/wcm/connect/nab/nab/home/About_Us/7/2/?ncID=ZBA

Engin Kirda, Christopher Kruegel. (2006). Protecting Users against Phishing Attacks. The Computer Journal, 49(5), 554-561. Retrieved March 24, 2009, from ABI/INFORM Global database.

FDIC. (2004) ‘Putting an end to account-hijacking identity theft’, Federal Deposit Insurance Corporation, Division of Supervision and Consumer Protection, December 14.

NAB renews warning on risk of hoax emails. (n.d.). National Australia Bank. Retrieved from
http://www.nab.com.au/wps/wcm/connect/nab/nab/home/about_us/8/5/33/50

National Institute of Standards and Technology (NIST). (1998, April). Information technology training requirement: A role- and performance-based model (NIST Special Publication 800-16). Washington, D.C.:U.S. Department of Commerce.

Ollman, G. (2004) The Phishing Guide Understanding and Preventing. White Paper, Next Generation Security Software Ltd.

SMS security. (n.d.). National Australia Bank. Retrieved from
http://www.nab.com.au/wps/wcm/connect/nab/nab/home/personal_finance/12/3/9

Whitman.M., & Mattord.H., 2004, Management of Information Security, Thomson UK

Wilson, M., & Hash, J. (2003, October). Building an information technology security awareness and training program. Gaithersburg, MD: National Institute of Standard and Technology (NIST).