A new FBI alert has been issued that warns small businesses, municipal governments, and schools about a significant increase in automated clearinghouse (ACH) fraud, in which cybercriminals are stealing millions of dollars from organizations through an ongoing cyber attack. As part of this attack, cybercriminals send an email to a business or organization's bookkeeper or financial officer that aims to trick them into downloading keylogging software. If the business or organization uses an online banking service, the cybercriminal can use the software to steal the victim's login credentials and create ACH transfers to "money mules," or people who are tricked into transferring the money overseas where it cannot be found. As part of the scam, cybercriminals also are launching distributed denial-of-service attacks against ACH processors in order to prevent them from recalling transfers before the funds can be sent overseas. The FBI says cybercriminals have attempted to steal roughly $100 million through this scam. The bureau notes that cybercriminals are primarily attacking organizations that tend to work with smaller regional banks, which are often not capable of stopping the fraudulent ACH transfers. Compounding the problem is the fact that some banks do not have proper cybersecurity measures in place to protect against this attack, the FBI says.
No comments:
Post a Comment