As awareness of cyber scams increases in the consumer and large corporate space, cyber criminals are seeking new victims—small and midsize U.S. businesses.
According to a report in the Los Angeles Times, criminal gangs—mainly in Eastern Europe—are finding ways to bilk companies and local municipal agencies out of hundreds of thousands of dollars.
The attackers' typical MO is similar to consumer phishing scams. They send an email with an infected attachment or link to a company's controller or treasurer, who then unknowingly downloads the malware. The gangs are then able to steal the business's passwords and begin performing wire transfers.
And the gangsters are smart, taking lumps of money out in increments of less than $10,000 to avoid raising any red flags in the company's anti-money laundering software.
The LA Times says the Financial Services Information Sharing and Analysis Center, an industry group created to share data about threats to the financial sector, sent out an alert to its members—large financial organizations—telling them of this new trend and urging them to implement similar fraud controls on the commercial banking side as they do for their consumer customers.
For more information, see Cyber-gangs are raiding U.S. companies' bank accounts.