September 16, Infosecurity – (National)
FBI probes over 400 cases of corporate bank account cyberjacking.
The FBI is currently investigating over 400 reported cases of corporate banking account takeovers in which cybercriminals have initiated unauthorized automated clearing house (ACH) and wire transfers from U.S.-based organizations, an FBI official told a U.S. House panel the week of September 12. Through this method, cybercriminals have attempted to steal over $255 million and have actually stolen around $85 million, the assistant director of the FBI’s cyber division told a House subcommittee on financial institutions and consumer credit. He explained that these cyberattacks are usually carried out through targeted phishing e- mails that contain either malware, or a link to a malware-laden Web site. The phish targets a person within the company who can initiate fund transfers on behalf of the business or institution. “Once the recipient opens the attachment or navigates to the Web site, malware is installed on the user’s computer, which often includes a keylogging program that harvests the user’s online banking credentials. The criminal then either creates another account or directly initiates a funds transfer masquerading as the legitimate user. The stolen funds are often then transferred overseas”, he explained. The targets of these phishing attacks are small and medium-sized businesses, local governments, school districts, and healthcare providers, he noted.
Plan. Protect. Prosper.
Protus3 specializes in security system design, security consulting, corporate investigations and other investigative services. Partner with Protus3 and we will examine each situation to identify threats and develop solutions for your best outcome.