Anti-Virus Software Failures Key Culprit in Spear Phishing Attacks

EDISON, NJ--(Marketwire - Jun 21, 2011) - "Anti-virus software is the key culprit in the success of spear phishing attacks, not innocent users," says Mark Kay, CEO for StrikeForce Technologies (OTCQB: SFOR) (PINKSHEETS: SFOR).

"Every compromised organization, from RSA, Citigroup, and Lockheed to FBI and CIA has anti-virus software that completely failed to detect and stop keylogging malware that came from spear phishing emails," Kay says.

Keyloggers -- nasty malware variants -- remain undetected in millions of compromised systems worldwide. It records keystrokes and transmits them to hackers, as seen in most of the major, recent data breaches. Using legitimate security credentials, hackers access secure networks and cloud services to steal critical financial, identity, and national security data every day.

"It's not realistic to expect people to change how they use email because it's central to everyday operations," says Kay. Once users accidentally open malware-bearing emails, hackers easily defeat anti-virus software. Anti-virus attempts to match known malware patterns against static databases that require frequent updates. But new malware finds holes in these databases, shifts its patterns, and avoids detection.

With single factor and RSA's two-factor hacked token authentication and anti-virus failing, the most reliable way to stop security credential theft is through keystroke encryption. "Keyloggers are winning the war because organizations with sensitive data are neglecting to implement keystroke encryption to protect logins and passwords," says Kay. Keystrokes can be encrypted inside system kernels and carried through channels keyloggers don't typically inhabit. "Two-factor, Out-of-Band authentication should also be used," Kay adds.

Security negligence is an increasing risk for corporations in cyber war lawsuits. Last Thursday, U.S. District Judge Patrick J. Duggan ruled against Comerica for failing to stop security breaches that led to $1.9 million in fraudulent wire transfers from Michigan-based Experi-Metal Inc.'s bank accounts which were compromised through keylogging.

About StrikeForce
StrikeForce Technologies helps to prevent online identify theft and data security breaches for consumers, corporations, and government agencies. It provides powerful two-factor, 'Out-of-Band' authentication and keystroke encryption solutions. StrikeForce Technologies, Inc. (OTCQB: SFOR) (PINKSHEETS: SFOR) is headquartered in Edison, N.J., and can be reached at www.strikeforcetech.com or by phone at (732) 661-9641 or toll-free at (866) 787-4542.

Safe Harbor Statement:
Matters discussed in this press release contain forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. When used in this press release, the words "anticipate," "believe," "estimate," "may," "intend," "expect" and similar expressions identify such forward-looking statements. Actual results, performance or achievements could differ materially from those contemplated, expressed or implied by the forward-looking statements contained herein. These forward-looking statements are based largely on the expectations of the Company and are subject to a number of risks and uncertainties. These include, but are not limited to, risks and uncertainties associated with: the sales of the company's identity protection software products into various channels and market sectors, the issuance of the Company's pending patent application, and the impact of economic, competitive and other factors affecting the Company and its operations, markets, product, and distributor performance, the impact on the national and local economies resulting from terrorist actions, and U.S. actions subsequently; and other factors detailed in reports filed by the Company.