Photo by Iuliia Stiazhkina
Over the last several years, at least 19 major banks have been hit by cyber attacks, according to a rash of published reports. For instance, a lot of nerves were rattled by a typical headline, “Cyber Attacks on US Banks Expose Computer Vulnerability,” appeared in Businessweek (now known as BloombergBusinessweek).
But this wasn’t a new security scare for America’s fourth-largest, Citibank. Citibank is consistently ranked as the fourth-largest bank following JPMorgan Chase, Bank of America, and Wells Fargo.
For Citibank customers and millions of other consumers who enjoy the convenience of online banking, a headline was alarming. The Wall Street Journal headline: “FBI Probes Hack at Citibank – Russian Cyber Gang Suspected of Stealing Tens of Millions; Bank Denies Breach.”
The reported multimillion dollar loss – a public relations nightmare for Citibank – was hushed up.
More recently, in November 2025, the bank was notified of a potential data breach affecting customer data, likely related to a broader attack on a third-party vendor, SitusAMC.
More recently, in November 2025, the bank was notified of a potential data breach affecting customer data, likely related to a broader attack on a third-party vendor, SitusAMC.
Many online security experts say online fraud is skyrocketing and there are FBI warnings about such fraud and related scam.
Such cybersecurity experts also cite another alarming trend – increasing sophistication in the methods used by cybercriminals.
Cybercrime methods
Many crooks have been using what are called “banking Trojans.” It’s true insurance companies offer insurance to reimburse business victims of cybercrime. But cybercrime is expensive.
A client once hired top security expert Stan Stahl, Ph.D., to investigate a $1 million loss from an online banking theft, and I reported the details in this column, “5 Safety Measures to Thwart Mounting Social-Network Attacks.” He says it resulted in an expensive legal struggle.
Mobile-banking dangers
Despite what banks claim, mobile banking is dangerous. Here’s the reason for the article: Identity fraud has escalated in smartphones and social media.
Personal online security tips
Here are some of his tips to enhance your personal online security:
- Review all privacy and policy information.
- Use unique and hard to guess login information.
- Protect your computer.
- Check your account balance regularly.
- Pay using credit cards.
- Do not access your account from public locations.
- Verify email correspondence from bank.
- If your account is compromised, take swift action.
- How to Report E-Scams and Hoaxes to the FBI.
Online management controls
For your company’s management controls:
- Don’t allow your employees to use your computers in social networking.
- Establish a list of allowable web-sites.
- Closely monitor your bank account.
- Train employees in social engineering awareness.
- Change the mindset of your managers and employees – if something seems odd, say no and call for Internet security.
- Strengthen your defenses.
Oh, don’t forget the danger in opening and responding to e-mails — to avoid cyber criminals from phishing — a tactic to get you to reveal sensitive information.
From the Coach’s Corner, see this related security article:
Strategies to Prevent Internet Terrorism — Online Fraud — Merchants everywhere are getting hit by Internet terrorism — online fraud. Here’s what you can do about it.
“Phishing is a major problem because there really is no patch for human stupidity.”
-Mike Danseglio
__________
