All material subject to strictly enforced copyright laws. © 2022 Euromoney Institutional Investor PLC group
Asia CommentTaipan

Bankers try, fail to evade cyber security

Banks have improved their cyber security dramatically in the last few years. But their employees are still taking creative approaches to sneaking out data — for fun and profit.

Bankers: never think you can outsmart IT. They might be grumpy, unhelpful, and prone to telling you to 'turn it off and back on again'. They might look like conspiracy theorists lost at Woodstock. But they also happen to know a lot about those big boxes with all the circuits inside.

Take the banker who recently tried to send a contacts list to his personal email account, a big no-no for banks careful to protect their client relationships when employees leave. An old-fashioned emailed attachment to an external Gmail account is hardly the most creative approach to nabbing data, but this particular banker had a trick up his sleeve.

When the email was caught by the bank’s automated security checks and sent to the HR department, they opened a file that looked entirely blank. But when one astute IT support worker guessed the banker had changed the font colour to white – matching the background – his bold plan was thwarted.

Another banker was not trying to take his clients with him but simply trying to share a juicy internal announcement with a few contacts. He took a photo of the document on his phone, sharing it on WhatsApp and WeChat. But when it did the rounds on social media — and eventually made its way back to his employer — he was quickly rumbled.

It turns out that many banks include watermarks in each of the mass emails they send to staff, unique codes that are so well-hidden most people will not notice them. Like I said: never underestimate the IT crowd.  

We use cookies to provide a personalized site experience.
By continuing to use & browse the site you agree to our Privacy Policy.
I agree