Oct. 22, 2012 – An alert issued in September regarding wire transfer fraud threats to small credit unions and banks was circulated throughout the financial industry’s cybersecurity information networks and bears continued watching during National Cybersecurity Awareness Month.
The alert, reported last week on the NAFCU Compliance Blog, was issued by the FBI, the Financial Services Information Sharing and Analysis Center and the Internet Crime Complaint Center regarding incidents of cybercrime targeting primarily small-to-medium banks and credit unions.
“Cyber criminals are using spam and phishing e-mails, keystroke loggers, and Remote Access Trojans (RAT) to compromise financial institution networks and obtain employee login credentials,” The Oct. 17 blog post notes. “The stolen credentials are then used to initiate unauthorized wire transfers overseas.”
Wire transfer amounts reportedly have varied between $400,000 and $900,000. Some institutions were the targets of a distributed denial of service attack against their public websites and URLs before and after the unauthorized transactions occurred.
Many still expect the White House to soon issue a presidential order on cybersecurity since Congress has yet to pass legislation in final form. The White House has also posted the October proclamation of National Cybersecurity Awareness Month on its website.