Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
Social engineering scam fooling service reps
MOUNTAIN VIEW, Calif. (1/17/13)--Member service representatives trying to be helpful to credit union members may fall for a scam that requires taking over a member's online account and tricking the rep via a chat session into helping out with the scam.

Mountain View, Calif.-based Guardian Analytics, an online security vendor that specializes in detecting anomalies, says the scam targets both small and large financial institutions and has migrated to call centers, using older tactics in new ways  (cuinfosecurity.com FraudBlogger Jan. 15).

The scams involve four steps. Cybercriminals:

  • Log onto an account using login and password credentials stolen through a Trojan  attack or another socially engineered scam;
  • Test the account by checking balances and initiating internal funds transfers, but do not initiate an external transaction;
  • Initiate a live chat session with the member service representative; and
  • Ask the representative for help in scheduling a wire transfer.
The member service rep, believing the chat session is with the accountholder because the session takes place through an already online authenticated process, helps complete the wire transfer.

Guardian also found that many compromised accountholders are also victims of work-at-home scams that involve one-time deposits to online accounts. Later the cybercrooks remove funds from the accounts. It is not clear whether the credentials are provided voluntarily or stolen.

The company advises financial institutions to:

  • Educate members and staff. When the credit union discovers suspicious activity, communicate with other departments, including the frontline call center and member service staff so they know an account is flagged for suspicious activity.
  • Look for anomalies in behavior.  Most transactions were less than $8,000, not enough to raise suspicion, but the way the wires were scheduled was atypical behavior.
  • Review the process for accepting wire requests. Set transaction limits and add more authentication methods.
RSS





print
News Now LiveWire
Matz: Revised @TheNCUA #RBC rule for #creditunions 2 B unveiled 1/15/15, 90-day comment period to follow #newsnow http://t.co/qABhvghSTU
6 hours ago
Just announced: @TheNCUA board will consider a revised risk-based capital rule at its Jan 15 mtg. See #NewsNow Monday for more info.
7 hours ago
Nearing one-yr anniversary of data breach, @Target asks for class action suits to be dismissed via @BloombergNews http://t.co/kra6kupd35
9 hours ago
.@PeoplesTrustFCU has been recognized with the Juntos Avanzamos designation by @Cornerstone_CUL for its service to the Hispanic community
9 hours ago
#NewsNow: Rep. Hensarling names #HFSC subcommittee chairs. http://t.co/dXAMZdpn1p
10 hours ago