Wire and Online Banking Fraud Continues to Spike for Businesses

By Button, Keith | American Banker, October 8, 2013 | Go to article overview

Wire and Online Banking Fraud Continues to Spike for Businesses


Button, Keith, American Banker


Byline: Keith Button

A $1.5 million bank/wire fraud case made big news this summer, but experts say that malware and other online threats to banks' business clients have been spiking for at least a year.

The Associated Press reported in July that the bank account of a California escrow firm, Efficient Services Escrow Group, was hacked in December 2012 and January 2013, with three payments totaling $1.5 million wired to accounts in China and Russia. Only $432,215 was recovered, and the company was shut down.

During the last 15 months, "we're hearing that the fraud has evolved, there are new types of malware being deployed and, particularly in those banks that have yet to put in robust solutions, we're seeing that fraud spike again," says Shirley Inscoe, senior analyst with Aite Group.

In late 2008 and 2009, several targeted ACH and wire fraud attacks on banks' business clients prompted an FBI-published alert and lawsuits against banks, Inscoe says. Then banks started implementing ACH and wire fraud solutions that would alert them to suspicious activity in their business client accounts, so they could identify potential fraud before money left an account.

The major difference between the current spike and the 2008-to-2009 attacks is that the earlier attacks were fairly simple to commit. Typically the fraudsters gained the customer's credentials through keylogging software or other techniques, then went online and made the fraudulent transaction, Inscoe says.

"Now, they're more sophisticated, and having to work a lot harder to impersonate the customer," she says.

One banker told her he had no ACH or wire fraud losses in his corporate client accounts for 12 months, then three large incidents within the past year.

Banks need to focus their security measures particularly on internal employee accounts and privileged accounts, said Avivah Litan, Gartner vice president.

One of the most recent online crimes has been payment switch takeovers, in which a privileged user account is taken over by a fraudster to access the bank's wire application, Litan said.

In September 2012, the FBI issued a fraud alert reporting a new trend of cyber criminals using phishing e-mails, keystroke loggers and remote access Trojans, including variations of the Zeus malware, to infiltrate banking networks and to steal credentials, which were used to authorize overseas wire transfers.

Litan said the online criminal rings "are starting to break some of the techniques that banks are using to protect themselves, so it continues to be a cat and mouse game. The banks put a lot of protections in place, but the bad guys are still getting around some of them."

The current wave of attacks use a lot of man-in-the-browser techniques, intercepting the activity between the client and bank after a hard-token number is keyed by the client, Inscoe says. With a man-in-the-browser scam, the real client starts a banking session and the fraudster, through the use of malware, injects himself into the transaction. In some cases the victim will see a screen indicating that there is a problem with the bank's website, and wait patiently while the fraudulent transactions are completed.

The malware is sometimes loaded through a website that is visited by a bank client employee. But with business bank clients, more often the entry results from spear phishing of key employees, such as controllers, accountants or bookkeepers.

Another popular technique is email account takeover, where a customer has been corresponding via email with a banker and the fraudster takes over and instructs the banker to send a wire, Inscoe says.

"Now, that may be against bank policy, but the banker has interacted via email with his client several times before, and there have been no issues. So in the name of customer service, he might send that wire, per the instructions in the email, which was in reality from a fraudster and not a true client," she says. …

The rest of this article is only available to active members of Questia

Already a member? Log in now.

Notes for this article

Add a new note
If you are trying to select text to create highlights or citations, remember that you must now click or tap on the first word, and then click or tap on the last word.
One moment ...
Default project is now your active project.
Project items
Notes
Cite this article

Cited article

Style
Citations are available only to our active members.
Buy instant access to cite pages or passages in MLA 8, MLA 7, APA and Chicago citation styles.

(Einhorn, 1992, p. 25)

(Einhorn 25)

(Einhorn 25)

1. Lois J. Einhorn, Abraham Lincoln, the Orator: Penetrating the Lincoln Legend (Westport, CT: Greenwood Press, 1992), 25, http://www.questia.com/read/27419298.

Note: primary sources have slightly different requirements for citation. Please see these guidelines for more information.

Cited article

Wire and Online Banking Fraud Continues to Spike for Businesses
Settings

Settings

Typeface
Text size Smaller Larger Reset View mode
Search within

Search within this article

Look up

Look up a word

  • Dictionary
  • Thesaurus
Please submit a word or phrase above.
Print this page

Print this page

Why can't I print more than one page at a time?

Help
Full screen
Items saved from this article
  • Highlights & Notes
  • Citations
Some of your highlights are legacy items.

Highlights saved before July 30, 2012 will not be displayed on their respective source pages.

You can easily re-create the highlights by opening the book page or article, selecting the text, and clicking “Highlight.”

matching results for page

    Questia reader help

    How to highlight and cite specific passages

    1. Click or tap the first word you want to select.
    2. Click or tap the last word you want to select, and you’ll see everything in between get selected.
    3. You’ll then get a menu of options like creating a highlight or a citation from that passage of text.

    OK, got it!

    Cited passage

    Style
    Citations are available only to our active members.
    Buy instant access to cite pages or passages in MLA 8, MLA 7, APA and Chicago citation styles.

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn, 1992, p. 25).

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn 25)

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn 25)

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences."1

    1. Lois J. Einhorn, Abraham Lincoln, the Orator: Penetrating the Lincoln Legend (Westport, CT: Greenwood Press, 1992), 25, http://www.questia.com/read/27419298.

    Cited passage

    Thanks for trying Questia!

    Please continue trying out our research tools, but please note, full functionality is available only to our active members.

    Your work will be lost once you leave this Web page.

    Buy instant access to save your work.

    Already a member? Log in now.

    Search by... Author
    Show... All Results Primary Sources Peer-reviewed

    Oops!

    An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.