Posted on 01/19/2011 6:00:48 PM PST by decimon
Small businesses have a new scam to worry about: criminal job applicants who want to hack into online bank accounts.
The U.S. Federal Bureau of Investigation issued a warning Wednesday about a new twist on a long-running computer fraud technique, known as Automated Clearing House fraud.
With ACH fraud, criminals install malicious software on a small business' computer and use it to log into the company's online bank account. They set up bogus fund transfers, adding fake employees or payees, and then move the money offshore.
Scammers can move hundreds of thousands of dollars in a matter of hours using this technique. They often target small businesses that use regional banks or credit unions, which often don't have the resources to identify and block the fraudulent transfers.
In this latest twist on the scam, the criminals are apparently looking for companies that are hiring online and then sending malicious software programs that are doctored to look like job applications.
An unnamed U.S. company recently lost $150,000 in this way, according to the FBI's Internet Crime Complaint Center. "The malware was embedded in an e-mail response to a job posting the business placed on an employment website," the FBI said in a press release. The malware, a variant of the Bredolab Trojan, "allowed the attacker to obtain the online banking credentials of the person who was authorized to conduct financial transactions within the company."
(Excerpt) Read more at news.yahoo.com ...
The ever fertile criminal mind. Wow
We scan all incoming mail, even from our own website. Spammers(and worse) love to abuse web pages, especially those with online forms. I see this particular piece of malware blocked, at least several times per week. I'll have to check the logs to see if it's coming from our HR forms/online apps.
I recently applied for a 'warehouse' job. Soon after, I got a GAZILLION personalized emails requesting that I jump into some hiring pool for a warehouse position. JUST CLICK HERE! Not a chance.
Innerestin’.
It’s sad, but no AV is able to keep track of the flow of Windows malware. New vulnerabilities are found every week. They are exploited within hours by bandits. No protection software can keep up.
Antivirus software is protecting against yesterday’s threats only.
If you are a business and you access your bank account from a Windows PC that is not entirely dedicated and isolated from your network, you WILL get infected by malware.
Use a Mac or a Linux desktop.
Ping for MSAN.
Why haven’t I been impacted then...been online for years with windows.
Quit spreading FUD about things...as if Mac or Linux don’t have issues.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.