Head of Global Transaction Banking Europe.
Julio López Moreno
Chief Information Security Officer BBVA CIB
06 Jul 2020
Álvaro Garrido has been safeguarding the integrity of BBVA’s assets for the past three years. In his role as Chief Security Officer (CSO), he’s responsible not only for the Group’s physical & digital security, but also for its fraud prevention efforts, an exceptionally broad range of duties for such a large company and, at the same time, a great professional challenge.
16 Jun 2020
A few weeks ago some colleagues from a development team told us about their worries on the JSON Web tokens (JWT) generation they were doing as part of a new tool integration they were working on. They had heard about several security issues regarding the use of JWT tokens so they asked us for help in order to validate if the tokens they were issuing were correct and met some basic security requirements.
We are currently working on a project to help automate security tests, APICheck, which we’ve recently released as open source. APICheck is comprised of a set of small tools that can be pipe chained in order to run several tests on API requests, so we got down to work with the development of a new tool for validating the JWT they were issuing, jwt-checker, in which we’ve implemented the ability to pass the validations on the tokens we’ll talk about. Below I’ll show you an example of a test implemented using the tool.
15 May 2020
Scammers adapt quickly to new trends, exploiting them to lure new victims. An example that has gained notoriety in recent weeks: web sites promoting fraudulent Fortnite offers. Fortnite is a popular video game and is being used by cybercriminals as an enticement to misappropriate user data.
12 May 2020
It’s technically complicated, but yes, if the webcam user doesn’t follow some security precautions, it is possible. Furthermore, exploiting the fact that the COVID-19 pandemic has driven an increase in teleworking, online classes, and all kinds of virtual meet-ups, cyber criminals are looking to profit by stepping up their attacks. Find out how to prevent others from unauthorized access to your web camera or videoconferences.
07 May 2020
The arrival of COVID has forced many companies to figure out new ways of working, and to accepting the idea of allowing, where feasible, employees to work from home. These new alternative work arrangements may yield substantial sustainability, cost saving and productivity benefits, but also expose of corporate confidential information to new threats. In this context, adopting increased security habits becomes more important than ever.
04 May 2020
BBVA is partnering with the IMDEA Software Institute, which belongs to a network of international research centers in Madrid, on the development of advanced cryptographic techniques. This technology is key to the creation of data-based digital solutions that protect the privacy and security of users’ data.
29 Apr 2020
With millions of people teleworking and communicating with each other online during the coronavirus crisis, email has become of the main tools for both professional and personal purposes. Now more than ever before, it is important to learn to detect cyber attacks that come in the form of emails, and follow the recommendations to protect ourselves from them.
27 Apr 2020
Children and young people are particularly susceptible to the risks of the Internet. These risks are even more pronounced as the coronavirus imposes social distancing, causing our children to spend more of their day online than normal. Here are some suggestions that will help keep children safe when they are on social media.
24 Apr 2020
Cybercriminals are taking advantage of COVID-19 and the new reality it has imposed: telecommuting hitting peak levels and huge amounts of information — and misinformation — circulating the Internet. Scammers are ramping up their activities as they try to maximize ill-gotten gains. We explain how these organized groups work, what attacks are the most common, and what we can do to protect ourselves.
07 Apr 2020
Older people with limited knowledge about the digital world are especially vulnerable to Internet fraud. The frequency of these attacks has risen notably during COVID-19 social distancing, a time when hackers are taking advantage of the dramatic increase of user time online and the vulnerability of certain groups of people.
31 Mar 2020
In an attempt to capitalize on coronavirus fears, scammers are launching new phishing campaigns with false tips against the virus or links to purchase personal protective equipment to spread their malware among victims or steal their personal information.
24 Mar 2020
Given the climate of uncertainty created by the rapid expansion of COVID-19, the respiratory disease caused by the novel coronavirus, it is becoming increasingly relevant to recognize reliable information and avoid spreading online. These are some of the tips provided by UNESCO to achieve this.
20 Mar 2020
While the pandemic created by the novel COVID-19 develops and sends Americans down an unprecedented path, fraudsters are jumping at the chance to capitalize on that uncertainty.
27 Feb 2020
25 Feb 2020
Everyone leaves a online footprint that could be easy to find, simply from being a member of a digital society. But by being aware of one’s footprint and learning how to control it, cyber criminals will have a much harder time finding possible victims. Here is some advice to do so.
31 Jan 2020
Did you know? There are more than 1300 different roles within BBVA—and they all play a critical role in creating opportunities for our customers. Over the coming months, we’ll be profiling some team members and sharing how they’re Working for Our Customers.
14 Jan 2020
BBVA has partnered with the authentication solutions company Nok Nok Labs — one of the driving forces behind the new FIDO (Fast Identity Online) standard aimed at strengthening the security of biometric systems on mobile devices. The agreement is part of BBVA’s strategy to improve the security and user experience of its mobile banking services through state-of-the-art biometric capabilities.
The new Fast Identity Online (FIDO) standard reinforces the security of online identity authentication systems on mobile devices and web applications. Its goal is to replace the exclusive use of passwords with more secure biometric authentication mechanisms that are protected by encryption systems.
29 Nov 2019
28 Nov 2019
To celebrate International Information Security Day, which will take place on November 30th, BBVA is dedicating the week to raising awareness of the risks in the digital world. In this interview, Ana Gómez Blanco, Head of Culture in Cybersecurity at BBVA, explains how initiatives like this are a fundamental component of corporate security and the key to helping employees and their families make their habits “cybersafe”.
27 Nov 2019
“Good morning, we’re calling from technical support. We’ve detected problems with your equipment and if they aren’t resolved soon, your computer will stop working.” This is how one of the oldest IT scams of all time usually starts off, a scam that has reemerged as the value of data has soared, a technical support scam also popularly known as the Microsoft hoax.
26 Nov 2019
BBVA hosted the fourth edition of Women in Cybersecurity Spain (WiCS). WiCS is an initiative dedicated to promoting the role of women in cybersecurity – a field where they represent just 24 percent of the global workforce, according to International Information System Security Certification Consortium (ICS). Four women who are senior managers at BBVA participated in the event, which also served to discuss diversity in general.
25 Nov 2019
To browse the internet safely and keep their computers properly up to date, users have a great ally: antivirus software. This quick guide will help you understand the value these tools provide, the protection they offer, and how to make the most out of them.
21 Nov 2019
While you’re browsing the web, reading news articles, scrolling through Facebook, checking your bank account or logging into your company’s system, there’s always a looming threat that could compromise your personal information.
31 Oct 2019
Startups face the growing challenge of building successful business models quickly, while protecting customer data from the threats in the digital world. Here are some recommendations that were offered during the last Open Summit to help entrepreneurs defend themselves against cyberattacks.
28 Oct 2019
23 Oct 2019
Data available in physical format represent an important source of information for cybercriminals – things like passwords written on paper or cards, as well as information susceptible to theft that moves through social networks and computers. Here are some of the different social engineering techniques designed to extract information available in non-digital format.
22 Oct 2019
Artificial intelligence and big data, are proven contributors of innovation to the financial system. The digital explosion and technological advances have caused a revolution in society and in the corporate organization. As explained by Jorge Sicilia, Chief Economist of BBVA Group and director of BBVA Research, the financial sector is no stranger to these changes and the next wave of innovation is going to be based on artificial intelligence.
09 Oct 2019
This type of cyberattack –targeted at companies’ employees – has been increasing steadily during the last year. The ‘CEO fraud’ can affect any type of company, from small family businesses to large multinationals and it is essential to understand how it works in order protect companies from it.
12 Sep 2019
09 Sep 2019
Internet shopping is more and more common: grocery shopping, movie tickets, airline travel, and more. Shopping online has become habitual day-to-day practice, though occasionally potential buyers leave themselves open to fraud or data theft. The following cybersecurity tips serve to reduce the risks associated with card payments on the Internet.
03 Sep 2019
14 Aug 2019
09 Aug 2019
04 Jul 2019
In the business world, the CISO or Chief Information Security Officer is the person responsible for ensuring and upgrading information security within the organization. At home, we can apply many of the basic principles that are foundation of the CISO role to protect and preserve our family’s private information. No matter how daunting the task may seem at first, it is really not that hard to achieve this goal without being an expert on the subject.
21 Jun 2019
Any company can fall victim to this kind of crime in which criminals trick an employee authorized to give bank payment orders into performing a transaction for them. Financial institutions like BBVA never request sensitive information, such as passwords or personal data, by email or outside of the secure environment on Net Cash and BBVA.es. For organizations, the key to preventing this kind of fraud is to reinforce control systems and exercise great caution.
24 May 2019
BBVA held its first Family Cybersecurity Day, an initiative aimed at raising awareness and educating employees and their families about the potential risks derived from the online activities and certain digital habits that are already a part of our daily lives.
12 Nov 2018
Email is a potential gateway for cyberattacks. You should therefore be careful when opening any messages. Those emails sitting in the spam or junk folder, though, are the most dangerous of all.
14 Sep 2018
The concept of a ‘dictionary attack’, although it sounds like a fight in a library, refers to a method of hacking to break password-protected security systems.
28 May 2018
Virtually everybody today has a username and password. We are required to provide them to log on to popular online services, including social media, online stores and streaming services. By default, browsers will ask you if you want to save passwords to save you the trouble of typing them again. If you are inclined to answer ‘yes’, keep reading because you’ll find this information of use.