Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
ACH thieves embed job apps with malware
WASHINGTON (1/26/11)--A new variant on automated clearinghouse (ACH)/wire transfer fraud is targeting businesses by responding via e-mail to job openings posted online and embedding malicious software, or malware, warned the FBI. Cyber criminals often target small businesses that use smaller financial institutions such as credit unions and regional banks (cio.co.ke.com.com Jan. 20). In ACH fraud, cyber criminals install malware on a small business' computer and use it to log into the business's online banking account. There, they set up fake fund transfers, add bogus employees or payees, and move the money offshore, sometimes several hundred thousand dollars in a matter of hours. Recently more than $150,000 was stolen from a U.S. business through unauthorized wire transfer as a result of a so-called job applicant's e-mail that contained malware, said the FBI (Internet Crime Complaint Center Jan. 19). The malware was embedded in an e-mail response to a job posting the business placed on an employment website. As a result, the criminal obtained the online banking credentials of a person authorized to conduct financial transactions within the company. The criminal changed the account settings to allow wire transfers--one to the Ukraine and the other two to domestic accounts in the U.S. The FBI identified the malware as a Bredolab variant, svrwsc.exe., which was connected to the ZeuS/Zbot Trojan commonly used by cyber criminals to defraud U.S. businesses. Potential employers should remain vigilant in opening e-mails of prospective employees, said the FBI. Run a virus scan before opening an e-mail attachment to provide an extra layer of security against this type of attack. Also , use separate computer systems to conduct financial transactions, said the FBI.
Other Resources

RSS print
News Now LiveWire
.@Fiserv renews $250K benefactor commitment to @fileneresearch #NewsNow #System http://t.co/tRrfmLNv0n
3 minutes ago
#NewsNow Debit card use wanes due to security fears http://t.co/RK6WolpxpT
41 minutes ago
Are consumers bailing on cards, going back to using cash? via @CrainsChicago http://t.co/PrZLjA4zUv
44 minutes ago
Will shoppers avoid data-breached retailers this holiday season? #NewsNow #creditunions http://t.co/nzI44BX2sq
1 hours ago
Krebsonsecurity reported 10/14 banks said they ID'ed pattern of credit/debit card fraud & several Staples locations may be dealing w/breach.
1 hours ago