Online criminals have used the Automated Clearing House (ACH) system to facilitate the theft of more than $100 million from small and medium businesses, the FBI warned this week.
The attacks typically use social engineering via e-mail messages to install malicious software on the computers of managers responsible for a business's financial transactions. The Trojan horse then transfers money from the firm's account, when the manager signs onto the business's bank account. The FBI has had reports of firms losing hundreds of thousands to millions of dollars, according to an advisory posted on the FBI's Internet Crime Complaint Center (IC3).
"In most cases, the victims' accounts are held at local community banks and credit unions, some of which use third-party service providers to process ACH transactions," the FBI stated. "The bank account holders are often small- to medium-sized businesses across the United States, in addition to court systems, school districts, and other public institutions."
Data indicates that criminals are quickly ramping up their operations. Last month, the FBI estimated that more than $40 million has recently been stolen from firms, according to the Washington Post. In one example, a Silicon Valley construction firm had $447,000 siphoned from its account in 27 separate transactions in a matter of minutes.
Other recent research has shown that small and medium businesses are likely to have cut or frozen spending this year.
The criminals transfer money, usually in increments of less than $10,000 so as to remain unreported, to the accounts of "money mules," people who willingly or unwittingly agree to transfer money for a cut of the proceeds. The money typically is transferred by the accomplices to accounts in Eastern Europe, the FBI said.
There are signs that the online thieves are taking more aggressive steps to stop victims from reclaiming their cash, the alert stated.
"In one case, the subjects (criminals) used a distributed denial-of-service attack against a compromised ACH third-party provider to prevent the provider and the bank from recalling the fraudulent ACH transfers before the money mules could cash them out," the alert stated.
If you have tips or insights on this topic, please contact SecurityFocus.
Posted by: Robert Lemos