You read this article and your first reaction is "How horrible!" Your second reaction should be: "well, duh."
Business Week this morning reports on how hackers using keystroke loggers are robbing people's online trading accounts.
Two things. Brokerages should immediately make it harder to transfer funds out of accounts. Require a phone call or fax back from a specific source for instance to authorize the movement of funds.
*All* account trustees (banks, brokerages, insurance companies) should implement better (stronger) authentication. I find it ludicrous that people worry about "token necklace syndrome" which is purely hypothetical when the threat against accounts is real and present.
(Token Necklace: collecting so many authentication devices that you have to string them around your neck. I can just imagine the bankers telling Walter Schlage, the "Lock Wizard of Thuringia", that his idea would never work because people would never carry bunches of keys around with them.)