On the heels of the Verizon / Secret Service report we looked at last week, the FBI issued a fraud alert saying they are seeing a pattern of small to medium sized businesses having their online banking credentials compromised and large amounts of money illegally transferred to Chinese economic and trade companies located near the Russian border.
The method of attack is a familiar one. A computer in the accounting department or the controller’s office is compromised by a phishing e-mail or malicious website and a keystroke logger is installed. Once the bad guys have the log-in info, they redirect the user’s computer to a fake site stating that the bank’s web site is down for maintenance, and they start making unauthorized transfers to intermediate banks, typically located in New York.
Sadly, there are signs these attacks are getting more sophisticated. The FBI reports they are even able to compromise accounts protected by two-factor authentication: your password plus a number generated by a security token.
What’s to be done about this? Small Business USA needs to realize they are being targeted and take appropriate action. We strongly suggest businesses take the following 10 steps immediately.
1. Identify all computers used to make financial transactions.
2. If the computer is not new, scan it to make sure no malware has already been installed.
3. Restrict usage rights to Standard User. If some applications require administrative rights use a technology like Privilege Guard.
4. Update systems as soon as possible with new security patches. Monitor these systems to make sure they’re current.
5. Ensure AV software is current and runs nightly scans.
6. Employ real-time web blocking at the firewall or DNS level.
7. Keep the financial staff up-to-date on the most recent scams. Good security is as much a mindset as anything.
8. Work with your bank to require ACH and wire transfer payments be initiated from one computer but released from a second.
9. Talk to your financial institution about Positive Pay and other services such as SMS texting, call backs, and batch limits to help protect against altered checks, counterfeit check fraud and unauthorized ACH transactions.
10. If, when logging into your account, you encounter a message that the system is unavailable, contact your financial institution immediately.
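As an added example (not part of the original alert or post), the following PowerShell script gives a read-only audit of one finance workstation against steps 3, 4 and 5 above. It assumes a Windows 10/11 or Server 2016+ host running Windows Defender with PowerShell 5.1 or later; the account names in `$FinanceUsers` are placeholders to replace with your own.

```powershell
# Added example: audit a finance workstation against checklist steps 3-5.
# Run in an elevated PowerShell session; it changes nothing, it only reports.
$findings = @()

# Step 3: finance users must be Standard Users, not local Administrators.
# $FinanceUsers is an assumed placeholder list; substitute the real account names.
$FinanceUsers = @('ap-clerk', 'controller')
$admins = Get-LocalGroupMember -Group 'Administrators' | ForEach-Object { $_.Name }   # e.g. "PC01\jsmith"
foreach ($u in $FinanceUsers) {
    if ($admins -match "\\$u$") { $findings += "Step 3: '$u' is a member of local Administrators" }
}

# Step 4: patch currency. Get-HotFix lists installed updates of any kind, so this
# is a coarse check: flag the box if nothing has been installed in the last 30 days.
$lastPatch = Get-HotFix | Where-Object InstalledOn | Sort-Object InstalledOn -Descending | Select-Object -First 1
if (-not $lastPatch -or $lastPatch.InstalledOn -lt (Get-Date).AddDays(-30)) {
    $findings += "Step 4: no update installed in 30 days (newest: $($lastPatch.HotFixID) on $($lastPatch.InstalledOn))"
}

# Step 5: AV must be running with current signatures (Defender reports age in days).
$mp = Get-MpComputerStatus
if (-not $mp.RealTimeProtectionEnabled) { $findings += 'Step 5: Defender real-time protection is off' }
if ($mp.AntivirusSignatureAge -gt 1)    { $findings += "Step 5: AV signatures are $($mp.AntivirusSignatureAge) days old" }
if ($mp.QuickScanAge -gt 1)             { $findings += "Step 5: last quick scan was $($mp.QuickScanAge) days ago" }

if ($findings.Count -eq 0) { 'PASS: workstation meets checklist steps 3-5' } else { $findings }
```

Run it on each machine identified in step 1 and keep the output with the rest of your records; any line it prints is a control from the list above that is not in place on that computer.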