WASHINGTON (1/26/11)--A new variant on automated clearinghouse (ACH)/wire transfer fraud is targeting businesses by responding via e-mail to job openings posted online and embedding malicious software, or malware, warned the FBI. Cyber criminals often target small businesses that use smaller financial institutions such as credit unions and regional banks (cio.co.ke.com.com Jan. 20). In ACH fraud, cyber criminals install malware on a small business' computer and use it to log into the business's online banking account. There, they set up fake fund transfers, add bogus employees or payees, and move the money offshore, sometimes several hundred thousand dollars in a matter of hours. Recently more than $150,000 was stolen from a U.S. business through unauthorized wire transfer as a result of a so-called job applicant's e-mail that contained malware, said the FBI (Internet Crime Complaint Center Jan. 19). The malware was embedded in an e-mail response to a job posting the business placed on an employment website. As a result, the criminal obtained the online banking credentials of a person authorized to conduct financial transactions within the company. The criminal changed the account settings to allow wire transfers--one to the Ukraine and the other two to domestic accounts in the U.S. The FBI identified the malware as a Bredolab variant, svrwsc.exe., which was connected to the ZeuS/Zbot Trojan commonly used by cyber criminals to defraud U.S. businesses. Potential employers should remain vigilant in opening e-mails of prospective employees, said the FBI. Run a virus scan before opening an e-mail attachment to provide an extra layer of security against this type of attack. Also , use separate computer systems to conduct financial transactions, said the FBI.