The FBI has issued a fraud alert that warns financial institutions that some cyber criminals have shifted their point of attack away from financial institution customers and members instead are directly targeting credit union and bank employees and their computers.
The alert pulled no punches: “Recent FBI reporting indicates a new trend in which cyber criminal actors are using spam and phishing e-mails, keystroke loggers, and Remote Access Trojans (RAT) to compromise financial institution networks and obtain employee login credentials. The stolen credentials were used to initiate unauthorized wire transfers overseas. The wire transfer amounts have varied between $400,000 and $900,000, and, in at least one case, the actor(s) raised the wire transfer limit on the customer’s account to allow for a larger transfer.”
The FBI indicated that the primary targets have been employees at small to medium-sized banks and credit unions.
For years the focus has been on guarding against infected computers used by members or customers. When the infection is inside the corporate firewall – on employee computers – defenses are less well defined, said Tubin.
Tubin added that from where he sits the two best lines of defense by credit unions are to, first, educate employees about malware (“they need to know not to click on links”) and, secondly, to implement technology inside the institution that continuously searches for malware before it has actually compromised any machines.
“We need to focus on the root cause and that is malware,” said Tubin.
He added: “For the FBI to issue a warning, this has to have reached a critical mass” – that is, there need to have been enough instances before the FBI takes this kind of action.