Emerald Business Systems Blog

FBI Says ‘Money Mule’ Scams Now Top $100 Million

Posted in General Business,PCI,Security by ebs4pos on January 2, 2010

The hackers looting bank accounts of small and mid-sized businesses around the county are hitting new victims every week, and have now racked up approximately $100 million in attempted losses, the FBI said Tuesday.

“The infection vector has not been determined in every case,” the bureau’s Internet Crime Complaint Center wrote in an intelligence note on the growing scam. “However, FBI analysis has identified more than two dozen different pieces of malware on the compromised account holders’ computers all containing key loggers.”

Using these Trojan horses, cybercrooks have been intercepting victims’ web-banking credentials and then initiating money transfers to mules around the country. The mules are consumers who’ve been lured into fake work-at-home scams, in which their employment involves receiving money and then forwarding the funds to Eastern Europe.

The money has been siphoned through wire transfers, and through Automated Clearing House, or ACH, networks, the bureau said. ACH networks are normally used for direct deposits and online bill payment.

“In one case, the subjects used a Distributed Denial of Service (DDoS) attack against a compromised ACH third-party provider to prevent the provider and the bank from recalling the fraudulent ACH transfers before money mules could cash them out,” the FBI reports. “These ACH transfers ranged from thousands to millions of dollars.”

Just last week the FBI had put the losses at $40 million, according to a story by WashingtonPost.com reporter Brian Krebs, who’s been closely following the attacks. On Thursday the FDIC warned U.S. banks to watch for suspicious activity that could indicate a customer has been recruited as a mule.

via FBI Says ‘Money Mule’ Scams Now Top $100 Million | Threat Level | Wired.com.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: