New Wave of Wire Fraud Strikes Banks

Institutions, Customers Lose $11 Million in Bogus Transfers

By , April 27, 2011.
New Wave of Wire Fraud Strikes Banks

B

See Also: Breaking Down Ease-of-Use Barriers to Log Data Analysis for Security

etween March 2010 and April 2011, 20 incidents of wire fraud hit small and mid-sized U.S. businesses after online banking credentials were compromised. All of the transfers - typically ranging between $50,000 to $985,000 - were routed to Chinese economic and trade companies located near the Russian border.

This news comes from an advisory issued by the Federal Bureau of Investigation, the Financial Services Information Sharing and Analysis Center and the Internet Crime Complaint Center about the unauthorized wire transfers being routed to China. Most of the small-business victims hold accounts with community banks and credit unions, some of which use third-party service providers for online banking services.

So far, the 20 incidents tracked by the FBI total $20 million in fraudulent transfer attempts. Actual losses associated with fraudulent transactions, however, total $11 million. Phishing appears to be the point of entry for most of the attacks.

George Tubin, a fraud analyst at TowerGroup, says these incidents prove additional online authentication guidance from the Federal Financial Institutions Examination Council is needed now more than ever. [See FFIEC: Where is Authentication Guidance?]

"The proposed FFIEC supplement is required to keep small businesses and small institutions safe from advanced cyberfraud techniques," Tubin says. "These new techniques circumvent standard multifactor authentication technologies used by the majority of U.S. banks. The biggest tragedy with small-business cyberfraud is that the business entity is most often held liable for the losses, which can be debilitating for these small businesses." [See ACH Fraud Fight: Beyond Technology]

ACH Fraud: Not Going Away

The ACH and wire fraud battle between small businesses and cybercriminals has been bloody. Often unprotected from and unaware of online security vulnerabilities, small-to-midsized businesses have in recent years been hit hard by online security breaches that lead to ACH and wire fraud, also known as corporate account takeover.

Fraud incidents have fueled a heated debate over liability between commercial customers and their banks, and was a catalyst for the FFIEC's review of an update to its 2005 online authentication guidance. [See Fraud Victim Favors Draft Guidance]

Michigan-based Experi-Metal Inc., which is awaiting a verdict in its suit against Comerica Bank for fraudulent transfers the bank approved, lost more than $25,000 to ACH fraud. The EMI case is the first major corporate account takeover incident to actually go to trial.

Other corporate account takeover victims include:

  • Village View Escrow of Redondo Beach, Calif., which in March 2010 lost $465,000 to an online hack;
  • Choice Escrow, which in November 2010 sued its bank, BankcorpSouth, alleging inadequate security measures;
  • Hillary Machinery, which in January 2010 was sued by its bank, PlainsCapital Bank, after a legal battle over ACH fraud liability. The suit was later settled for undisclosed terms;
  • The Catholic Diocese of Des Moines, Iowa, which in August 2010 lost $600,000 in fraudulent ACH transactions.

What Stands Out About the China Transfers

In this most recent wave of attacks being tracked by the FBI, the majority of attempted wire transfers have exceeded $900,000, though most have not been completed. The most successful wire transfers have fallen below $500,000. ACH transfers also have been initiated, typically ranging from $222,500 to $1.28 million.

Follow Tracy Kitten on Twitter: @FraudBlogger

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Adobe Flash Is Under Attack - Again

For the third time in recent weeks, in-the-wild attacks are exploiting a newly discovered zero-day...

Latest Tweets and Mentions

ARTICLE Adobe Flash Is Under Attack - Again

For the third time in recent weeks, in-the-wild attacks are exploiting a newly discovered zero-day...

The ISMG Network