Church Latest Victim of ACH Fraud

Diocese of Des Moines Loses $600,000 to Fraudsters

By Linda McGlasson, September 1, 2010.
Church Latest Victim of ACH Fraud

O

See Also: Breaking Down Ease-of-Use Barriers to Log Data Analysis for Security

ver a weekend in August, the Catholic Diocese of Des Moines, Iowa, fell victim to a $600,000 ACH fraud theft and becomes another in the growing list of businesses and entities that have suffered huge losses as a result of these crimes.

The church says it was victimized by criminals who illegally obtained its banking information in order to transfer funds to numerous "money mule" recipients across the United States on Aug. 13 and 16.

The Diocese is but the latest of many such incidents to have hit the nation's businesses and government entities over the past year. The Federal Bureau of Investigation estimates that 205 separate businesses have reported incidents of corporate account take-over since 2004 -- the bulk of them in the past year, with estimated fraud losses topping $40 million.

The increasing trend for criminals attacking mid-level targets is disturbing, but expected, says Chris Roberts, managing director at One World Labs, who has seen similar attacks recently in his investigations. "[The victims] don't have the same level of scrutiny that the major organizations go through, and they are less protected, less aware of the dangers."

How Diocese Theft Happened

Anne Marie Cox, spokeswoman for the Diocese of Des Moines, says the church was informed of the theft by Bankers Trust of Des Moines on the morning of Aug. 17. The bank shut down all relevant bank accounts. Cox says the diocese instructed the bank to start the process of recovering funds, where possible. To date, approximately $180,000 has been recovered, Cox says. How the criminals got the diocese's banking credentials is still not fully known.

As the diocese was alerted, the FBI and Treasury Department were both notified, says Cox. The FBI started its investigation and took several computers from the diocese for forensic evaluation.

Cox says the diocese's insurance carrier and lawyer also have been notified of the crime. Law enforcement officials say the diocese "seems to have been the victim of a highly sophisticated operation, most likely based overseas, which engages participation of individuals who unknowingly act as intermediaries of the funds obtained by theft," says Cox.

At this point, none of the staff is suspected of being involved in the incident. "While the Diocese of Des Moines is protected by insurance and anticipates the restoration of the funds, we have been advised that such criminal activity is rampant," says Bishop Richard Pates, the Bishop of Des Moines. The Diocese of Des Moines has banked with Bankers Trust for more than 27 years.

In a prepared statement, Bankers Trust says it takes security very seriously, and its systems are federally regulated, tested and approved. The bank says its Internet system was not breached and "continues to be secure."

Common Themes

The diocese is the latest victim in a spree of corporate account take-over incidents, including:

  • Hillary Machinery vs. PlainsCapital Bank -- the recently settled case in which a bank sued its own customer;
  • Experi-Metal Inc. vs. Comerica Bank -- the case headed to trial of a customer suing its bank over fraud losses;
  • PATCO vs. Peoples Bank -- one of the more recent cases to emerge nationwide, impacting banks and businesses of all sizes;
  • Village View Escrow -- a case in California caused when Professional Business Bank's e-mail verification service was disabled by cybercriminals.
  • Hi-Line Supply -- a business telephone equipment company in Rockwall, Texas, is in court trying to force Community Bank Inc. to settle a liability claim for $50,000 over an alleged incident of corporate account take-over.

Every business is a target in the ACH fraud realm, says Roberts of One World Labs. He's dealt with property management companies that were hit in the same way. "These companies had their cash taken directly out of their accounts, all nicely removed 'above board' through wire transfers."

The last case Roberts dealt with traced the inbound connections from both China and Turkey. The criminals ultimately took both the money and the client information to Estonia, Germany and China.

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Cloud Security Certification Launched

(ISC)² and the Cloud Security Alliance have unveiled a new cloud security professional...

Latest Tweets and Mentions

ARTICLE Cloud Security Certification Launched

(ISC)² and the Cloud Security Alliance have unveiled a new cloud security professional...

The ISMG Network