News 

According to the research, banks are leaving their customers exposed to hackers who could steal their money, and even their identities.

The study was conducted by Prof. Atul Prakash and doctoral students Laura Falk and Kevin Borders. The trio explored the websites of 214 financial institutions - many of which are global brands - and found that the flaws are not typically glitches that can be fixed with a patch, but tend to stem from the flow and layout of the websites.

The websites' flaws include placing log-in boxes and contact information on insecure web pages as well as failing to

ADVERTISEMENT

keep users on the site that they initially visited. According to Prakash, some banks may have ironed out some of these problems since the team's data was gathered, but he still sees much need for improvement overall.

"To our surprise, design flaws that could compromise security were widespread and included some of the largest banks in the country," said Prakash. "Our focus was on users who try to be careful, but unfortunately some bank sites make it hard for customers to make the right security decisions when doing online banking."

However, Prakash claims customers should not panic over the findings. He advised that using either a wired network, or a wireless network that you control, will safeguard users from most flaws. Also, most of the flaws can only be exploited by the most seasoned of cybercriminals, he stated.

"The flaws we discuss in the paper are not the type that can be exploited easily by remote attackers or script-kiddies. In general, exploiting the flaws would require you to use an unsafe network, such as a wireless network that you do not control."

Prakash initiated this study after noticing flaws on his own financial institutions' websites.