Unsolved
This post is more than 5 years old
3 Apprentice
•
8.8K Posts
0
9775
FBI warning : New malware targeting bank accounts
FBI warns vs new malware targeting bank accounts
The US Federal Bureau of Investigation (FBI) has warned the public
against a new malware targeting bank accounts via faux emails from the
National Automated Clearing House Association (NACHA), the Federal
Reserve Bank, or the Federal Deposit Insurance Corporation (FDIC).
against a new malware targeting bank accounts via faux emails from the
National Automated Clearing House Association (NACHA), the Federal
Reserve Bank, or the Federal Deposit Insurance Corporation (FDIC).
In a news release, the FBI said the malware, a new variant of the
Zeus malware dubbed "Gameover," can allow access to recipients' bank
accounts.
Zeus malware dubbed "Gameover," can allow access to recipients' bank
accounts.
"(O)nce it’s on your computer, it can steal usernames and
passwords and defeat common methods of user authentication employed by
financial institutions. And once the crooks get into your bank account,
it’s definitely 'game over,'" it said.
passwords and defeat common methods of user authentication employed by
financial institutions. And once the crooks get into your bank account,
it’s definitely 'game over,'" it said.
It noted the Zeus malware had been created several years ago and specifically targeted banking information.
The FBI said computer users must make sure their computers' anti-virus software is up to date.
"Don’t click on e-mail attachments from unsolicited senders.
NACHA, FDIC, and the Federal Reserve all say they don’t send out
unsolicited e-mails to bank account holders. If you want to confirm
there’s a problem with your account or one of your recent transactions,
contact your financial institution directly," it advised.
NACHA, FDIC, and the Federal Reserve all say they don’t send out
unsolicited e-mails to bank account holders. If you want to confirm
there’s a problem with your account or one of your recent transactions,
contact your financial institution directly," it advised.
Also, it advised users not to accept unsolicited jobs online that
require them to receive funds from numerous bank accounts and then wire
the money to overseas accounts.
require them to receive funds from numerous bank accounts and then wire
the money to overseas accounts.
"You could get caught up in a criminal investigation," it said.
How the scheme works
A recipient may get a supposed unsolicited e-mail from NACHA, the
Federal Reserve, or the FDIC telling him or her that there is a problem
with his or her bank account or a recent ACH (Automated Clearing House)
transaction.
Federal Reserve, or the FDIC telling him or her that there is a problem
with his or her bank account or a recent ACH (Automated Clearing House)
transaction.
The message includes a link in the e-mail that will supposedly help resolve whatever the issue is.
"Unfortunately, the link goes to a phony website, and once you’re
there, you inadvertently download the Gameover malware, which promptly
infects your computer and steals your banking information," the FBI
said.
there, you inadvertently download the Gameover malware, which promptly
infects your computer and steals your banking information," the FBI
said.
Once the perpetrators access a victim's account, they conduct a distributed denial of service, or DDoS, attack using a botnet.
A botnet involves multiple computers flooding the financial
institution’s server with traffic in an effort to deny legitimate users
access to the site, "probably in an attempt to deflect attention from
what the bad guys are doing."
institution’s server with traffic in an effort to deny legitimate users
access to the site, "probably in an attempt to deflect attention from
what the bad guys are doing."
Recent investigation
Recent investigations showed some of the funds stolen from bank
accounts go towards the purchase of precious stones and expensive
watches from high-end jewelry stores.
accounts go towards the purchase of precious stones and expensive
watches from high-end jewelry stores.
The criminals contact these jewelry stores, tell them what they’d
like to buy, and promise they will wire the money the next day.
like to buy, and promise they will wire the money the next day.
So the next day, a person involved in the money laundering aspect
of the crime, a “money mule,” comes into the store to pick up the
merchandise.
of the crime, a “money mule,” comes into the store to pick up the
merchandise.
After verifying that the money is in the store’s account, the
jewelry is turned over to the mule, who then gives the items to the
organizers of the scheme or converts them for cash and uses money
transfer services to launder the funds.
jewelry is turned over to the mule, who then gives the items to the
organizers of the scheme or converts them for cash and uses money
transfer services to launder the funds.
'Work at home'
"In many cases, these money mules are willing participants in the
criminal scheme. But increasingly, as part of this scheme, we see an
increasing number of unsuspecting mules hired via 'work at home'
advertisements who end up laundering some of the funds stolen from bank
accounts," the FBI said.
criminal scheme. But increasingly, as part of this scheme, we see an
increasing number of unsuspecting mules hired via 'work at home'
advertisements who end up laundering some of the funds stolen from bank
accounts," the FBI said.
It said the criminals e-mail prospective candidates claiming to have seen their resumes on job websites and offer them a job.
The hired employees are provided long and seemingly legitimate work contracts and actual websites to log into.
"They’re instructed to either open a bank account or use their own
bank account in order to receive funds via wire and ACH transactions
from numerous banks…and then use money remitting services to send the
money overseas," the FBI said.
bank account in order to receive funds via wire and ACH transactions
from numerous banks…and then use money remitting services to send the
money overseas," the FBI said.
It urged those who think they had been victimized by this type of
scheme to contact their financial institution to report it, and file a
complaint with the FBI’s Internet Crime Complaint Center. — TJD, GMA News
scheme to contact their financial institution to report it, and file a
complaint with the FBI’s Internet Crime Complaint Center. — TJD, GMA News