Cybercriminals Steal Funds From Bank Accounts Of U.s Small And Medium Sized Businesses

By Author: eccuni
Total Articles: 211
Comment this article

Financial Trojans are back in the news again. Federal Bureau of Investigation (FBI) has recently issued alert against unauthorized wire transfers from bank accounts of small and medium sized U.S businesses. The funds were allegedly transferred to some Chinese economic and trade companies.

The investigative agency has identified twenty incidents of fraudulent wire transfers. The wire transfers were in the range of $50,000 to $985,000. Cybercriminals were able to successfully transfer funds worth $11 million. Attackers initially conduct fraudulent wire transfers to New York based banks. The funds are then transferred to accounts of Chinese companies. Usually, attackers send phishing e-mails to employees authorized to conduct money transfers for the business. The e-mails appear to come from a legitimate bank and ask users to click on a link, which redirects them to a fake website, where login credentials are extracted.

Preliminary investigations indicate use of financial Trojans such as Zeus, backdoor.bot and Spybot to siphon off funds in some cases. Malware is installed on target user's computer system by enticing ...
... them to click on malicious links in e-mails. In some cases, attackers send spam e-mails, which prompt users to click on a given link. Those users who click on the link assuming it as a legitimate communication from their bank are lead to a website, which requests them to wait for a few seconds. The interval is used to insert a malicious malware into computer systems through a drive-by-download, without the knowledge of the user. The malware embeds itself in the target system's web browser. When users access their online banking site and enter the log in credentials, they are extracted by the malware.

In some cases, attackers install malware through Internet Relay Chat (IRC). The installed Trojan acts in the background service and allows attackers to gain remote access to computer systems. Professionals qualified in masters of security science may help bank in assessing and improving IT security measures.

The recipient Chinese companies include words such as 'trade', 'economic and trade', and 'Ltd' in their names. These companies are registered as legitimate businesses and have accounts in major Chinese banks such as the Bank of China, the Agricultural Bank of China, the Industrial and Commercial Bank of China. Some companies even have name of port cities such as Dongning, Fuyuan, Jixi City, Raohe, Tongjiang and Xunke in their names. FBI has alerted banks to be vigilant of wire transfers involving these cities. Banks must notify the customers involving wire transfers to these cities to confirm that transaction is authorized.

Access to computers used for corporate banking must be restricted to authorized users. Employees must be made aware of Internet-based threats through huddle sessions and e-learning programs. Banks may also encourage employees to undertake online degree courses on cyber security. Employees must be wary of replying to e-mails from anonymous or unknown members. They must immediately delete suspicious e-mails. They must access the legitimate sites by directly typing the URL on the web browser.

The sophisticated threats in the IT environment require proactive action. IT professionals may make use of online university degree courses to update their technical skills and know-how. Banks may coordinate with Internet security firms to identify and eliminate security threats. They must install spam filters to reduce spam and malicious e-mails. Organization may make use of reputation-based web security products, which block connection from known or recognized bad sites instantly to strengthen their defense against security threats.