BRUNSWICK, Maine (9/16/09)--Eastern European scammers used a sophisticated e-mail scam to gain access to a Brunswick, Maine, heating fuel company’s bank account it uses to allow customers to pay for fuel with electronic funds transfers from their checking accounts. The scam has implications for credit unions. The breach of Downeast Energy and Building Supply’s account cost the company roughly $150,000 and exposed checking account information of hundreds of customers, the company said Monday (MaineBusiness.com Sept. 15). The scam began with an e-mail to a Downeast employee that claimed to be from the company’s bank. An e-mail link that seemed to be from KeyBank took the employee to a bogus website that was identical to the bank’s, the publication said. Once the company’s bank-issued user name and password were entered, the information was delivered to the scammers who then used it to steal money from Downeast, MaineBusiness said. Internet criminals are stepping up their targeting of small- and mid-sized companies because they have less sophisticated security than larger companies, a Federal official told the publication. About 87% of data breaches could be thwarted with simple-to-intermediate preventive measures, said a Department of Homeland Security official. Cybercrime has cost the nation nearly $8 billion, U.S. Sen. Susan Collins (R-Maine), ranking member of the Senate Homeland Security and Governmental Affairs Committee, told the committee. Data relating to more than 130 million credit and debit cards have been stolen from corporations, the publication said.