Authorities are warning credit unions, community banks and small businesses to be wary of a cyber scam that’s sent $11 million so far to Chinese economic and trade companies from online banking accounts in the United States.
Twenty incidents involving small to medium-sized businesses have been identified so far, the FBI said, and typically happened when someone at the company unknowingly visited an infected website or fell for a phish.
“Like most account takeover fraud, the victims tend to be small to medium-sized businesses and public institutions that have accounts at local community banks and credit unions, some of which use third-party service providers for online banking services,” said the Internet Crime Complaint Center (IC3), a partner with the FBI in the case.
The FBI said the recipients of the illicit wire transfers were apparently legitimate, registered companies in port cities in the Heilongjiang province near the Russian border and that the transfers have ranged in size from $50,000 to $985,000.
As soon as the money arrived in their accounts, it was withdrawn, the IC3 said.
“At this time it is unknown who is behind these unauthorized transfers … or why the legitimate companies received the unauthorized funds,” the organization said.
“Money transfers to companies that contain these described characteristics should be closely scrutinized,” the IC3 said. It said the banks in China receiving the funds included the Agricultural Bank of China, the Industrial and Commercial Bank of China and the Bank of China.
The IC3 said malware involved included ZeuS, Backdoor.bot and Spybot and said in one case the hard drive of the compromised computer was erased remotely before the IT department could investigate.