The FBI released a statement this week warning small and medium businesses about a significant increase in fraud involving valid online banking credentials.
“Within the last several months, the FBI has seen a significant increase in fraud involving the exploitation of valid online banking credentials belonging to small and medium businesses, municipal governments, and school districts. In a typical scenario, the targeted entity receives a “spear phishing” e-mail which either contains an infected attachment, or directs the recipient to an infected website. Once the recipient opens the attachment or visits the website, malware is installed on their computer. The malware contains a key logger which will harvest each recipient’s business or corporate bank account login information.”
The victims in this particular type of scheme are being referred to as “Money Mules” because they simply serve as a conduit between the SMB’s business bank account and the hacker’s bank account. In most cases, the funds disappear to a foreign bank account too quickly for the cyber theft trail to be detected.
It makes sense that small and medium businesses are targeted most often; hackers score more dollars per incident from business banking accounts than consumers. As a result of the heightened risk associated with the Money Mule scheme, the FBI encourages all business banking customers that use online banking to contact their financial institution and inquire about the security measures in place to help prevent Money Mule attacks.
