Cyber crooks increasingly target small business accounts

[InfoSec News <alerts () infosecnews org>]

http://www.computerworld.com/s/article/9137112/Cyber_crooks_increasingly_target_small_business_accounts?taxonomyId=17

By Jaikumar Vijayan
August 25, 2009
Computerworld 

An organization representing more than 15,000 financial institutions has 
issued a warning about a growing wave of attacks against small banks and 
businesses by cyber criminals using stolen banking credentials to 
plunder corporate accounts.

In an alert to its members earlier this month, NACHA -- the Electronics 
Payments Association said that attackers are increasingly stealing onine 
banking credentials, such as user names and paswords, from small 
businesses by using keystroke logging tools and other malware. The cyber 
criminals are using the stolen credentials to 'raid' and 'take over' 
corporate accounts and initiate the unauthorized transfer of funds over 
electronic payment networks.

NACHA oversees the Automated Clearing House (ACH) electronic payments 
network. A similar alert that was sent out confidentially last Friday to 
members of the Financial Services Information Sharing and Analysis 
Center, according to a story published in the Washington Post yesterday. 
According to the Post, the alert identified organized cyber groups in 
Eastern Europe as being predominantly responsible for illegally 
siphoning millions of dollars off corporate accounts and sent overseas 
via popular money and wire transfer services.

The Financial Services Information Sharing and Analysis Center was 
formed by major financial services firms to share information about 
potential physical and cyber threats to their companies.

[...]


________________________________________
Subscribe to InfoSec News
http://www.infosecnews.org