Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
ACH thieves embed job apps with malware
WASHINGTON (1/26/11)--A new variant on automated clearinghouse (ACH)/wire transfer fraud is targeting businesses by responding via e-mail to job openings posted online and embedding malicious software, or malware, warned the FBI. Cyber criminals often target small businesses that use smaller financial institutions such as credit unions and regional banks (cio.co.ke.com.com Jan. 20). In ACH fraud, cyber criminals install malware on a small business' computer and use it to log into the business's online banking account. There, they set up fake fund transfers, add bogus employees or payees, and move the money offshore, sometimes several hundred thousand dollars in a matter of hours. Recently more than $150,000 was stolen from a U.S. business through unauthorized wire transfer as a result of a so-called job applicant's e-mail that contained malware, said the FBI (Internet Crime Complaint Center Jan. 19). The malware was embedded in an e-mail response to a job posting the business placed on an employment website. As a result, the criminal obtained the online banking credentials of a person authorized to conduct financial transactions within the company. The criminal changed the account settings to allow wire transfers--one to the Ukraine and the other two to domestic accounts in the U.S. The FBI identified the malware as a Bredolab variant, svrwsc.exe., which was connected to the ZeuS/Zbot Trojan commonly used by cyber criminals to defraud U.S. businesses. Potential employers should remain vigilant in opening e-mails of prospective employees, said the FBI. Run a virus scan before opening an e-mail attachment to provide an extra layer of security against this type of attack. Also , use separate computer systems to conduct financial transactions, said the FBI.
Other Resources

RSS print
News Now LiveWire
Why is a #creditunion a good fit for you? http://t.co/i4pGT98mkT via @MONEY
6 hours ago
The numbers are in: Home Depot data breach impact on #creditunions = $57.4 million, 7.2 million credit/debit cards http://t.co/jorYSOYuxj
7 hours ago
.@Nussle : We'll back off when retailers accept their breach responsibility #NewsNow http://t.co/7WxDXicb6j
9 hours ago
RT @asmarterchoice: RT @daily_finance: Top 5 money management tips for 30-somethings http://t.co/mWRfDRSTE7
9 hours ago
Operational efficiencies focus of new @CUNA program #NewsNow http://t.co/qBYHKVYeQN
10 hours ago