Wednesday, November 04, 2009

FBI Issues Warning on ACH Fraud

The FBI is warning small businesses, municipal governments and school districts of an increase in fraud involving legitimate online banking credentials, according to British banking newsletter Finextra.

The scam works through spear phishing attacks, where victims are redirected to a malware-laden site that drops a key logger Trojan on their desktop. Once the attackers get access to an account, they transfer funds through either traditional ACH or wire transfers.

The FBI is warning business users with online banking accounts to contact their financial institutions to make sure they have adequate security controls and fraud prevention tools in place.

The Financial Services Information Sharing and Analysis Centre, a banking group, is recommending its commercial banking customers should "carry out all online activity from a standalone, hardened and locked-down computer from which e-mail and Web browsing is not possible".


Anonymous website protection said...

They should be able to track at least some of the transfers and make some busts?
or there is a way to make them wannish ?

7:38 AM  
Anonymous Anonymous said...

Lets hope it does some good.

11:46 AM  
Anonymous Anonymous said...

If the users could authenticate the server at the same time the server authenticates the user then the trojans cannot trick a valid token authentication value out of a online banking user. My suggestion which is immune to this MITM attack.

4:33 AM  

Post a Comment

<< Home