One-time passwords and phone-based user authentication are no longer enough to protect against banking fraud, according to a new report from Gartner. Criminals are apparently increasingly able to steal credentials or otherwise overwhelm such measures. In most instances, the crooks used sophisticated keystroke logging Trojan horse programs to steal login credentials from company employees authorised to initiate funds transfers on behalf of the business, according to the FBI. A number of banking clients have reported being victimised or targeted by attacks involving the use of malicious code hidden in web browsers to intercept and corrupt banking transactions. Trojans lurk in the users’ browser and get activated when a banking site is visited. The user gets an error message, and the trojan does its dirty work behind the scenes….