Identity thieves have moved on from banks and are now targeting online brokerages with increasingly sophisticated attacks, according to an expert in security and authentication.
The first assault appeared in July, in which a man-in-the-middle attack defeated security measures once thought to be impregnable.
Financial institutions are now having to rethink how to protect their online banking customers, according to authentication firm Arcot Systems.
Hackers broke into customer accounts at large online brokerages in the US last month and made unauthorised trades worth millions of dollars.
Arcot explained that these scams typically start with a hacker gaining access to username and password information through phishing and key-logging attacks.
"With the increase in consumer use of the internet for personal finance, financial institutions are having a problem staying ahead of the hackers," the company said.
"In these and other cases, hackers were able to bypass multiple layers of security and gain access to their accounts.
"These attacks accentuate the need for all financial institutions, not just those regulated by FFIEC guidelines, to adopt a strong authentication solution to reduce online identity theft and fraud, enhance customer trust and protect their assets."
Arcot recommends an authentication system that ensures the identity of the user and the site to which they are logging on.
This solution must prevent phishing, man-in-the-middle, keystroke logger and other internet attacks, while providing a simple authentication experience for customers, employees and partners.
Geoengineering on the sea floor near glaciers would form a new ice shelf to prevent melting
Alterations in capillary blood flow can be caused by body position change
Curiosity rover is in 'normal mode' but not transmitting scientific data back to base
NatWest outage comes a day after Barclays' IT systems shut out customers and staff