Cyber Criminals Now Target Small And Medium EnterprisesSITUATIONCyber criminals have moved beyond simple identity         ...
These Mules Move MoneySITUATION                                                            banks, setting up new accounts ...
Is Your Health-Care In Danger From Cyber-Gangs?SITUATIONOrganized cybercrime has shifted its focus to small               ...
Is Your Health-Care In Danger From Cyber-Gangs?SITUATION                                                            Compar...
Is Your Health-Care In Danger From Cyber-Gangs?SITUATION                                                            Compar...
Cyber Birds Of Prey Hunt Small BusinessSITUATION                                                             DIGITAL CRIME...
Looking At The Bank’s Role In CybertheftSITUATION                                                                 4. TD Ba...
Job Applications Open Door To CybertheftSITUATION                                                            The Trojan wa...
Hackers Crack Library Without A Card: Making WithdrawalsWithout A Library CardSITUATION                                   ...
Losing The Trust In A Trust FundSITUATION                                                            over her accounts, de...
School’s Out For Christmas, Hackers Get PresentsSITUATION                                                            DIGIT...
Dentist Gets DrilledSITUATION                                                            But before they did that, they st...
An Apple A Day Didn’t Keep This Thief AwaySITUATION                                                            Compare tha...
Vandals Go To Town On Small TownsSITUATION                                                            We guess not because...
Cybercrime Attacks Charities - How Criminal Is That?SITUATION                                                            t...
Financial Institutions Fall Victim To Cyber-Theft –Could Internet Security Awareness Training Have Prevented The Larceny?S...
Case study joined
Case study joined
Case study joined
Upcoming SlideShare
Loading in …5
×

Case study joined

385 views

Published on

This is a Cyber Security Study ...

Published in: Economy & Finance, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
385
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Case study joined

  1. 1. Cyber Criminals Now Target Small And Medium EnterprisesSITUATIONCyber criminals have moved beyond simple identity Compare that to fraud statistics of Automatic Clearingtheft. They are now targeting small and medium Houses (credit card processors). The recent arrests “Lacking sophistication andbusinesses and local banks, using specialized banking connected with Zeus accounted for some 390 appropriate security, SMEs makemalware for cyber heists, using mainly the Zeus reported cases where $70 million was stolen from great targets for cyber gangs.botnet. These small and medium organizations accounts. The criminals had attempted to steal somerepresent good targets for organized cybercrime as $220 million. The investigation mainly netted the Cyber crime has moved beyondthey often lack the sophistication and knowledge of lowest ranks of the criminal network -- the so-called simple identity theft and is nowthe Fortune 1000 to prevent cyber attacks. money mules that remove stolen funds from their specializing in cyber heists: accounts and transfer the money to international emptying the bank accounts ofCASE IN POINT – accounts abroad. In general, the money mules are small and medium enterprises.”SANFORD DECEMBER 3, 2009 people who are duped into believing they arePatco Construction filed suit in York County Superior working for a legitimate company processing Case in Point: Patco ConstructionCourt Sept. 18, seeking the return of $345,000 not payments. in Sanford, Maine filed suitrecovered from $588,851 in funds hackers were able against its own bank seeking theto transfer to bank accounts out of the country from ANALYSIS return of $345,000 that wasPatco’s Ocean Bank. The illegal transfers began on The Internet is the crime scene of the 21st century. stolen by cyber criminals.May 7, when thieves hijacked the companys online Cyber theft is one of the biggest challenges facing ourbanking credentials, moving $56,594 to several society today. We can no longer remain ignorant andindividuals that had no prior business relationship hope it will go away. Banks and customers alike mustwith Patco. The transfers continued, and Patco educate themselves and give employees Internetofficials only learned the fraud was occurring because Security Awareness Training, including proceduressome of the funds were transferred to invalid bank and necessary security measures. Accounts must beaccounts. The company filed suit, alleging the bank monitored by companies on a regular basis andwas negligent in allowing cybercriminals to break questionable transactions queried immediately.through the security system. Simultaneously, banks must use the highest level of security to protect their customers. The financialDIGITAL CRIME OUTPACES REAL- relationship is at stake – trust is of utmostWORLD ROBBERIES importance. Today that trust must be earned on bothDigital crime now outpaces real-world bank robberies sides.in terms of losses. In 2009, there were 8,818 bankrobberies netting criminals an average of $4,029 -- atotal of about $35.5 million, according to the FBIsUniform Crime Reporting (UCR) program. However,60 percent of bank robbers were caught, often veryquickly. KnowBe4, LLC | 601 Cleveland Street, Suite 930, Clearwater, FL 33755 | Tel: 855-KNOWBE4 (566-9234) | www.KnowBe4.com | Email: sales@KnowBe4.com © 2011 KnowBe4, LLC. All rights reserved. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
  2. 2. These Mules Move MoneySITUATION banks, setting up new accounts and withdrawing theIn illegal commerce vernacular, a mule is someone money for transfer. In the meantime their “Moneywho carries the contraband from one location to Lords” (like “Drug Lords”) remain hidden in the “Digital crime now outpacesanother. Recent history is full of stories of people background safe from scrutiny.carrying drugs across borders secreted on their real-world bank robberies inperson. Today’s mules are money mules and are often DIGITAL CRIME OUTPACES REAL- terms of losses. In 2009, thereinnocent dupes who move money from bank to bank. WORLD ROBBERIES were 8,818 bank robberies Digital crime now outpaces real-world bank robberies netting criminals an average ofCASE IN POINT – THE MONEY MULES in terms of losses. In 2009, there were 8,818 bank $4,029 -- a total of about $35.5When hackers steal from banks and other business robberies netting criminals an average of $4,029 -- a total of about $35.5 million, according to the FBIs million, according to the FBIsstructures they are left with a major problem – whatto do with the money? Stealing hundreds of Uniform Crime Reporting (UCR) program. However, Uniform Crime Reporting (UCR)thousands of dollars at a time requires a strategy so 60 percent of bank robbers were caught, often very program. However, 60 percent ofthat when the funds are distributed these criminal quickly. bank robbers were caught, oftendeposits don’t raise any red flags. This means that very quickly.”deposits cannot be in more than $5,000 increments Compare that to fraud statistics of Automatic Clearingor it is reported to the government. Therefore the Houses (credit card processors). The recent arrestsstolen funds have to be laundered at lower levels. connected with Zeus accounted for some 390Hackers bust into the accounts, using Trojans, reported cases where $70 million was stolen fromkeyloggers and other malicious software but then accounts. The criminals had attempted to steal somewhat do they do? $220 million. The investigation mainly netted the lowest ranks of the criminal network -- the so-calledTaking a page from their drug dealing friends, the money mules that remove stolen funds from theirmoney mules were invented. But instead of accounts and transfer the money to internationalsmuggling drugs, these mules are recruited to open accounts abroad. In general, the money mules aresham bank accounts to receive the money stolen people who are duped into believing they arefrom victim accounts. They then withdraw the funds working for a legitimate company processingfrom the shell accounts and transfer the money to payments.overseas bank accounts operated by the gangleaders. This is all done in increment amounts that ANALYSIScould elude detection by banks and law enforcement It is more than interesting to note that these theftsofficials. The mules retain somewhere between eight are first initiated through a phishing attack thatand ten percent as their cut of the illegal proceeds. enabled the malware to enter the computer network.There are hundreds if not thousands of mules This phishing started with a susceptible employeeoperating in the United States currently. who through his or her own ignorance clicked where they should not have clicked. Giving Internet SecurityWith the rise in unemployment and current economic Awareness Training to employees and executivesconditions, recruitment of mules is not a problem. (really anyone who even remotely touches aOnline job sites such as Careerbuilder have been used computer) , could prevent such massive thefts fromto find people. They run ads and hire recruiters to find happening, and is an essential part of ‘defense-in-new mules. The mules end up having to do the dirty depth’.work like their drug carrying brethren. They have todo the actual “dangerous” business of going into KnowBe4, LLC | 601 Cleveland Street, Suite 930, Clearwater, FL 33755 | Tel: 855-KNOWBE4 (566-9234) | www.KnowBe4.com | Email: sales@KnowBe4.com © 2011 KnowBe4, LLC. All rights reserved. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
  3. 3. Is Your Health-Care In Danger From Cyber-Gangs?SITUATIONOrganized cybercrime has shifted its focus to small Compare that to fraud statistics of Automatic Clearinghealthcare providers. After having stolen millions Houses (companies in charge of electronic funds “According to Chief Executivefrom corporations and schools, greedy eyes have transfers and credit card payment processing. The recent arrests connected with Zeus accounted for Susan Brown, the thieves tried tomoved on to other “easy pickings” – to non-profitorganizations that service the uninsured and the some 390 reported cases where $70 million was steal more money – anotherdisabled. Is it because their defenses are so poor or stolen from accounts. The criminals had attempted to batch of $30,000 when the bankare they not educated enough about cyber-heists? steal some $220 million. The investigation mainly blocked the transfer at her netted the lowest ranks of the criminal network -- behest. Of course the bankCASE IN POINT – PUGET SOUND the so-called money mules that remove stolen funds blames Evergreen and EvergreenSEPTEMBER 9, 2010 from their accounts and transfer the money to blames the bank. Evergreen isOn the morning of September 9, 2010 the staff international accounts abroad. In general, the money mules are people who are duped into believing they still fighting with the bank toaccountant at the Evergreen Childrens Associationwoke up to find $30,000 missing from their bank are working for a legitimate company processing have the money reimbursed. ”account. No one at the organization had written a payments.check or authorized a transfer for that amount oranything close to it. Evergreen was in mystery as to ANALYSIShow so much money had virtually disappeared There is a distinctive pattern as to how these bankovernight. Virtual was the key word as cyber-thieves account invasions take place. First a targeted e-mailhad been hard at work ripping off this Seattle based is typically sent to the companys accountant ornon-profit organization to the tune of $30K. controller. The communication appears to beEvergreen provides childcare service on-site for public innocuous, but it is far from that. The messageschools in the Puget Sound area. contains either a virus-laden attachment or a link that -- when opened -- surreptitiously installsAccording to Chief Executive Susan Brown, the malicious software designed to steal passwords.thieves tried to steal more money – another batch of Armed with those credentials, the crooks then hacks$30,000 when the bank blocked the transfer at her the online banking accounts and initiate a series ofbehest. Of course the bank blames Evergreen and wire transfers.Evergreen blames the bank. Evergreen is still fightingwith the bank to have the money reimbursed. The real culprit is ignorance. This is not a matter ofWho is really to blame? Read our analysis below. just technology, it is just as much a matter of education. Someone clicked when they should notDIGITAL CRIME OUTPACES REAL- have clicked. Someone did not have adequateWORLD ROBBERIES security software installed or it was not up-to-date.Digital crime now outpaces real-world bank robberies Think before you click! Security is everyone’s’ job, andin terms of losses. In 2009, there were 8,818 bank Internet Security Awareness Training has becomerobberies netting criminals an average of $4,029 -- a urgent at this point.total of about $35.5 million, according to the FBIsUniform Crime Reporting (UCR) program. However,60 percent of bank robbers were caught, often veryquickly. KnowBe4, LLC | 601 Cleveland Street, Suite 930, Clearwater, FL 33755 | Tel: 855-KNOWBE4 (566-9234) | www.KnowBe4.com | Email: sales@KnowBe4.com © 2011 KnowBe4, LLC. All rights reserved. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
  4. 4. Is Your Health-Care In Danger From Cyber-Gangs?SITUATION Compare that to fraud statistics of Automatic ClearingOrganized cybercrime has shifted its focus to small Houses (companies in charge of electronic fundshealthcare providers. After having stolen millions transfers and credit card payment processing). The “Using a team of “money mules”,from corporations and schools, their greedy eyes have recent arrests connected with Zeus accounted for the attackers sent $44,000 tomoved on to local community based health-care some 390 reported cases where $70 million was their own banks which was thenproviders. Could poorly or untrained employees be at stolen from accounts. The criminals had attempted to steal some $220 million. The investigation mainly rapidly wired to organized crimethe root of these attacks being successful? netted the lowest ranks of the criminal network -- accounts in Eastern Europe. TheCASE IN POINT – NORTHEAST GEORGIA the so-called money mules that remove stolen funds mules got their commission andSEPTEMBER 2, 2010 from their accounts and transfer the money to the gang lords got the bulk ofMedLink is a fully staffed year-round primary care international accounts abroad. In general, the money the transfer.“organization with a central administrative office and mules are people who are duped into believing theyclinic sites throughout northeast Georgia. In early are working for a legitimate company processing Per Gary Franklin, MedLinkSeptember, 2010 cyber-criminals attacked the payments. Georgias chief financial officer,accounts of this healthcare provider. Hackers got the companys bank reversedaccess to the login and password to Medlink’s online ANALYSIS There is a distinctive pattern as to how these bank some of the fraudulent transfers,bank account and the cyber-heist was well over$40K. Using a team of “money mules”, the attackers account invasions take place. First a targeted e-mail but apparently transfers valuedsent $44,000 to their own banks which was then is typically sent to the companys accountant or at $15,000 were not accountedrapidly wired to organized crime accounts in Eastern controller. The communication appears to be for and may not be recovered.Europe. The mules got their commission and the innocuous, but it is far from that. The messagegang lords got the bulk of the transfer. contains either a virus-laden attachment or a link that -- when opened -- surreptitiously installsPer Gary Franklin, MedLink Georgias chief financial malicious software designed to steal passwords.officer, the companys bank reversed some of the Armed with those credentials, the crooks then hacksfraudulent transfers, but apparently transfers valued the online banking accounts and initiate a series ofat $15,000 were not accounted for and may not be wire transfers.recovered. The real culprit is ignorance. This is not a matter ofDIGITAL CRIME OUTPACES REAL- just technology, it is just as much a matter ofWORLD ROBBERIES education. Someone clicked when they should notDigital crime now outpaces real-world bank robberies have clicked. Someone did not have adequatein terms of losses. In 2009, there were 8,818 bank security software installed or it was not up-to-date.robberies netting criminals an average of $4,029 -- a Think before you click! Security is everyone’s’ job, andtotal of about $35.5 million, according to the FBIs Internet Security Awareness Training has becomeUniform Crime Reporting (UCR) program. However, urgent at this point.60 percent of bank robbers were caught, often veryquickly. KnowBe4, LLC | 601 Cleveland Street, Suite 930, Clearwater, FL 33755 | Tel: 855-KNOWBE4 (566-9234) | www.KnowBe4.com | Email: sales@KnowBe4.com © 2011 KnowBe4, LLC. All rights reserved. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
  5. 5. Is Your Health-Care In Danger From Cyber-Gangs?SITUATION Compare that to fraud statistics of Automatic ClearingOrganized cybercrime has shifted its focus to small Houses (companies in charge of electronic fundshealthcare providers. After having stolen millions transfers and credit card payment processing). The “Using a team of “money mules”,from corporations and schools, their greedy eyes have recent arrests connected with Zeus accounted for the attackers sent $44,000 tomoved on to local community based health-care some 390 reported cases where $70 million was their own banks which was thenproviders. Could poorly or untrained employees be at stolen from accounts. The criminals had attempted to steal some $220 million. The investigation mainly rapidly wired to organized crimethe root of these attacks being successful? netted the lowest ranks of the criminal network -- accounts in Eastern Europe. TheCASE IN POINT – NORTHEAST GEORGIA the so-called money mules that remove stolen funds mules got their commission andSEPTEMBER 2, 2010 from their accounts and transfer the money to the gang lords got the bulk ofMedLink is a fully staffed year-round primary care international accounts abroad. In general, the money the transfer.“organization with a central administrative office and mules are people who are duped into believing theyclinic sites throughout northeast Georgia. In early are working for a legitimate company processing Per Gary Franklin, MedLinkSeptember, 2010 cyber-criminals attacked the payments. Georgias chief financial officer,accounts of this healthcare provider. Hackers got the companys bank reversedaccess to the login and password to Medlink’s online ANALYSIS There is a distinctive pattern as to how these bank some of the fraudulent transfers,bank account and the cyber-heist was well over$40K. Using a team of “money mules”, the attackers account invasions take place. First a targeted e-mail but apparently transfers valuedsent $44,000 to their own banks which was then is typically sent to the companys accountant or at $15,000 were not accountedrapidly wired to organized crime accounts in Eastern controller. The communication appears to be for and may not be recovered.Europe. The mules got their commission and the innocuous, but it is far from that. The messagegang lords got the bulk of the transfer. contains either a virus-laden attachment or a link that -- when opened -- surreptitiously installsPer Gary Franklin, MedLink Georgias chief financial malicious software designed to steal passwords.officer, the companys bank reversed some of the Armed with those credentials, the crooks then hacksfraudulent transfers, but apparently transfers valued the online banking accounts and initiate a series ofat $15,000 were not accounted for and may not be wire transfers.recovered. The real culprit is ignorance. This is not a matter ofDIGITAL CRIME OUTPACES REAL- just technology, it is just as much a matter ofWORLD ROBBERIES education. Someone clicked when they should notDigital crime now outpaces real-world bank robberies have clicked. Someone did not have adequatein terms of losses. In 2009, there were 8,818 bank security software installed or it was not up-to-date.robberies netting criminals an average of $4,029 -- a Think before you click! Security is everyone’s’ job, andtotal of about $35.5 million, according to the FBIs Internet Security Awareness Training has becomeUniform Crime Reporting (UCR) program. However, urgent at this point.60 percent of bank robbers were caught, often veryquickly. KnowBe4, LLC | 601 Cleveland Street, Suite 930, Clearwater, FL 33755 | Tel: 855-KNOWBE4 (566-9234) | www.KnowBe4.com | Email: sales@KnowBe4.com © 2011 KnowBe4, LLC. All rights reserved. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
  6. 6. Cyber Birds Of Prey Hunt Small BusinessSITUATION DIGITAL CRIME OUTPACES REAL-WORLDSmall businesses are notorious for lack of security ROBBERIESprocedures. Little or no IT staff, busy owners, inadequately Digital crime now outpaces real-world bank robberies intrained staff and lax procedures open the door to terms of losses. In 2009, there were 8,818 bank robberies “Small-town banking just doescybercrimes. In fact the door is wide open. And to make netting criminals an average of $4,029 -- a total of about not have the same securitymatters worse, banks are refusing to be the fall-guy and $35.5 million, according to the FBIs Uniform Crime resources as the bigger banks.accuse account holders of poor security practices. Small Reporting (UCR) program. However, 60 percent of bankbusinesses thus become easy targets for cyber-attacks robbers were caught, often very quickly. Moreover, companies simply dowith few financial or technical resources to stop them. not have legal protection fromOften times, the banks involved are small as well. Compare that to fraud statistics of Automatic Clearing identity fraud, unlike individualSmall-town banking just does not have the same security Houses (companies in charge of electronic funds transfers consumers, and are forced toresources as the bigger banks. Moreover, companies simply and credit card payment processing). The recent arrestsdo not have legal protection from identity fraud, unlike connected with Zeus accounted for some 390 reported absorb the losses caused byindividual consumers, and are forced to absorb the losses cases where $70 million was stolen from accounts. The cyber theft. ”caused by cyber theft. criminals had attempted to steal some $220 million. The investigation mainly netted the lowest ranks of theBut who is really to blame? criminal network -- the so-called money mules that remove stolen funds from their accounts and transfer theCASE IN POINT – MODESTO, money to international accounts abroad. In general, theCALIFORNIA FEBRUARY 8, 2010 money mules are people who are duped into believingWhen David Johnston woke up that morning, the last they are working for a legitimate company processingthing on his mind was cybercrime. But unfortunately, his payments.company Sign Designs Inc., an electric-sign maker inModesto, California was on a hacker’s mind. And then there ANALYSISwas the phone call from their bank, Bank of Stockton, Small business and regional banking attacks are on ainquiring about a $9,670 electronic payment to a Chase major upswing. As indicated both lack creditable securitycustomer in Michigan. Sign Designs confirmed it hadnt set procedures and open themselves up to attack. However, inup the payment and the banks halted the transaction. this case it was proven once again that the financial attack was the result of an earlier malicious program attack. ThisHowever, they were a little late on the chain. Close to program did not insert itself onto the controller’s$100,000 had been transferred out of their account and computer. He had to have done something to initiate thedistributed to 17 money mules. The Bank of Stockton attack. Ignorance not maliciousness was the culprit.responded as rapidly as they could once they discovered Sign Designs President David Johnston argues that Bank ofthe online deception. They managed to secure a little more Stockton should cover the losses because it didnt flag thethan half of the absconded funds but $48,000 was already highly unusual account activity nor did it bar twoin the hands of the hackers. computers—the controllers and hackers—from accessing the account with the same credentials at theNaturally, Bank of Stockton declares no responsibility since same time. "I dont think they should offer a service that isits security systems were never actually penetrated. The not safe," Mr. Johnston says. "Do you expect Im going tobad guys had planted malicious software on the computer solve this? Im going to take on these Russian thieves?of Sign Designs controller and used it to steal his Clearly Im not going to be able to do it."online-banking credentials. The bank also says Sign Actually, Mr. Johnston with all due respect, you can takeDesigns failed to take advantage of security measures that them on. Educate your staff. Don’t let them fall for fishingmight have averted losses, such as requiring two staff expeditions.members to sign off on every payment. KnowBe4, LLC | 601 Cleveland Street, Suite 930, Clearwater, FL 33755 | Tel: 855-KNOWBE4 (566-9234) | www.KnowBe4.com | Email: sales@KnowBe4.com © 2011 KnowBe4, LLC. All rights reserved. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
  7. 7. Looking At The Bank’s Role In CybertheftSITUATION 4. TD Bank did nothing to secure their online banking facility,Do banks have sufficient safeguards to prevent unauthorized disregarding all the explicit warnings from federal agencies,electronic transfers? In particular does your bank double verify plus industry analysts such as Avivah Litan and computerbefore sending your money to a criminal organization? It may security specialists such as Bruce Schneier.sound harsh but this is the current state of affairs for small 5. And this is in spite of the fact that many different proven, “Ms. McCarthy immediatelybusinesses in particular. Have you checked out your bank’s inexpensive, fast-to-implement, easy-to-integrate, andsecurity procedures? Have you told them to not allow electronic customer-friendly bank security solutions that defeat these notified the bank when she sawtransfers over a certain amount without checking with you attacks have been available in the commercial marketplace for the transfers from her Little &personally? There are simple procedures to red flag an account for over half a decade.unauthorized transfer – make sure your bank is employing them. King company account. She hadNot everyone has been so lucky. TD Bank maintains that because the hackers used her correct username and password to make the transfers, TD Bank bears no never previously made anCASE IN POINT – MASSAPEQUA, NEW YORK responsibility whatsoever for the breach. Furthermore, because her computer was infected with ZeuS, Little & King bears electronic transfer. TD Bank didFEBRUARY 15, 2010 responsibility for the fraudulent transfers.On Monday, February 15, 2010, Karen McCarthys life was literally not put a freeze on her accountturned upside down, when her business bank account at TD Bank until the next day despite thewas electronically looted. The usual suspects (Eastern European DIGITAL CRIME OUTPACES REAL-WORLDcriminals) removed $164,000 in what has become an epidemic of ROBBERIES call from McCarthy.commercial bank account thefts. Utilizing the infamous ZeuS Digital crime now outpaces real-world bank robberies in terms ofvirus, criminals were able to ferret out her logon and password. losses. In 2009, there were 8,818 bank robberies nettingThe rest is history, except for one thing – did TD Bank employ the criminals an average of $4,029 -- a total of about $35.5 million,necessary security lockdown procedures as mandated by the according to the FBIs Uniform Crime Reporting (UCR) program. Furthermore, the bank did notFDIC? However, 60 percent of bank robbers were caught, often very notify her of any unusual quickly.Ms. McCarthy immediately notified the bank when she saw the activity, something that wouldtransfers from her Little & King company account. She had never Compare that to fraud statistics of Automatic Clearing Housespreviously made an electronic transfer. TD Bank did not put a (companies in charge of electronic funds transfers and credit card seem to be commonplace perfreeze on her account until the next day despite the call from payment processing). The recent arrests connected with Zeus accounted for some 390 reported cases where $70 million was online banking agreements. It isMcCarthy. Furthermore, the bank did not notify her of anyunusual activity, something that would seem to be commonplace stolen from accounts. The criminals had attempted to steal some a simple matter to setup onlineper online banking agreements. It is a simple matter to setup $220 million. The investigation mainly netted the lowest ranks ofonline alerts such as this, yet TD Bank seemingly failed to do so. the criminal network -- the so-called money mules that remove alerts such as this, yet TD BankTD Bank has stated that they were not responsible, that the fraud stolen funds from their accounts and transfer the money towas “not related to any breach on the part of TD Bank.” international accounts abroad. In general, the money mules are seemingly failed to do so.” people who are duped into believing they are working for aDetermined to get to the bottom of this fraudulent activity, legitimate company processing payments.McCarthy discovered some interesting things about TD Bankincluding lack of certain security protocols. ANALYSIS Is it possible that TD Banks’ online banking services required no 1. TD Bank did not comply with the regulatory guidance they more authentication than a simple user name and password and have been receiving from FFIEC and FDIC starting in 2005. did not require any further enhanced authentication before Indeed, TD Bank’s CEO received an FDIC Special Alert (LINK) transferring large sums of money? Did they make it easy for almost six months prior to the Little & King incident that hackers to access Little & Kings’ bank account and wipe it out exactly described the attack that cleaned out her account. The without no more than a cyber-handshake? alert instructed the bank to institute appropriate security measures to prevent losses due to malicious software. It seems that our local and regional banks have made it clear that 2. This FDIC Alert informed service providers where to look for until they are forced to take full financial responsibility (as they guidance and gave them information on authentication and are today with retail - consumer - accounts) for allowing these information about security for high risk transactions. These attacks to succeed, they simply will not follow the guidance that documents included: their regulators have offered them to prevent those successful • FFIEC Guidance Authentication in an Internet attacks. If and only when banks like TD Bank are required to Banking Environment reimburse commercial depositors for losses from cyber theft that • Authentication in an Internet Banking they could have thwarted they will then institute the security Environment Frequently Asked Questions measures that they could and should have instituted long ago. • FFIEC Information Security Examination Handbook • FFFIEC Retail Payment Systems Examination Make sure your bank is employing the proper protocols and Handbook procedures to prevent this from happening to you. • FDIC Guidance on Mitigating Risks from Spyware 3. Previous FFIEC guidance instructed TD Bank to institute “layers” of fraud controls such as checks on Internet addresses used and for unusual patterns of account activity. KnowBe4, LLC | 601 Cleveland Street, Suite 930, Clearwater, FL 33755 | Tel: 855-KNOWBE4 (566-9234) | www.KnowBe4.com | Email: sales@KnowBe4.com © 2011 KnowBe4, LLC. All rights reserved. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
  8. 8. Job Applications Open Door To CybertheftSITUATION The Trojan was used to transfer money to Ukraine andDo you have a corporate policy regarding clicking on two other U.S. bank accounts. "The FBI recommendsattachments or downloading from sites or email? If that potential employers remain vigilant in openingyou don’t you better get on it. There is a new covert the e-mails of prospective employees," the FBI said. The FBI released information ontrick running around that implants your computer the latest iteration of the hackwith malicious software, just because you DIGITAL CRIME OUTPACES where the cybercriminals lookdownloaded an applicant’s resume. REAL-WORLD ROBBERIES Digital crime now outpaces real-world bank robberies for companies that are hiringCASE IN POINT – SOMEWHERE IN THE in terms of losses. In 2009, there were 8,818 bank online and then send them theUNITED STATES JANUARY 2011 robberies netting criminals an average of $4,029 -- a malware through the so-calledRecently, The U.S. Federal Bureau of Investigation total of about $35.5 million, according to the FBIsissued a warning regarding a new M.O. ACH, I.e., Uniform Crime Reporting (UCR) program. However, job application. One unnamedAutomated Clearing House fraud. As you have noted 60 percent of bank robbers were caught, often very U.S. Company recently lostin these case studies, cybercriminals install malicious quickly.software on unsuspecting computers which is then $150,000 according to the FBIsused to burrow into their financial information logins Compare that to fraud statistics of Automatic Clearing Internet Crime Complaint Center.and passwords. Once they have access to the account Houses (companies in charge of electronic fundsthey start transferring sums through fake employees, transfers and credit card payment processing). Thepayees, etc. The money mules then move the recent arrests connected with Zeus accounted for "The malware was embedded incompany to accounts that are out of the U.S. In a some 390 reported cases where $70 million was an e-mail response to a jobmatter of hours, hackers can move hundreds of stolen from accounts. The criminals had attempted tothousands of dollars from your account should it steal some $220 million. The investigation mainly posting the business placed onbecome infected. Small businesses and regional netted the lowest ranks of the criminal network -- an employment website," the FBIbanks are often the targets for these 21st Century the so-called money mules that remove stolen funds from their accounts and transfer the money to reported.gangsters and they usually are not as technicallysophisticated. Access to the victimized computer is international accounts abroad. In general, the moneygranted through sophisticated phishing techniques mules are people who are duped into believing theythat take advantage of employee computer security are working for a legitimate company processingignorance. payments.The FBI released information on the latest iteration of ANALYSISthe hack where the cybercriminals look for Once again we find that lack of computer securitycompanies that are hiring online and then send them training to be the culprit. We live in a highlythe malware through the so-called job application. technically uncivilized world. The Internet is theOne unnamed U.S. Company recently lost $150,000 modern version of the Wild Wild West. You have to beaccording to the FBIs Internet Crime Complaint armed and ready to protect your company fromCenter. "The malware was embedded in an e-mail serious gunfire. One of them of course, is to not openresponse to a job posting the business placed on an email attachments. The safest bet is to delete theemployment website," the FBI reported. attachment and write back to the sender asking for a plain text version. Interestingly, another option isIn this case the malware, a variant of the Bredolab opening the document in Google Gmail if you haveTrojan, "allowed the attacker to obtain the online an account to check the legitimacy of the applicationbanking credentials of the person who was or resume. You can set up a special Gmail account justauthorized to conduct financial transactions within for recruitment to safeguard your network.the company." The typo-filled Trojan looked like aWord document and read: "Hello! I have figured outthat you have an available job. I am quiet interestedin it. So I send you my resume, Looking forward toyour reply. Thank you." KnowBe4, LLC | 601 Cleveland Street, Suite 930, Clearwater, FL 33755 | Tel: 855-KNOWBE4 (566-9234) | www.KnowBe4.com | Email: sales@KnowBe4.com © 2011 KnowBe4, LLC. All rights reserved. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
  9. 9. Hackers Crack Library Without A Card: Making WithdrawalsWithout A Library CardSITUATION DIGITAL CRIME OUTPACESHow open is your company’s Internet access? Does REAL-WORLD ROBBERIESyour staff go online when no one is looking? Do you Digital crime now outpaces real-world bank robberies Digital crime now outpaceshave patrons or customers that have access as well? in terms of losses. In 2009, there were 8,818 bank real-world bank robberies inWhat security safeguards do you have in place? What robberies netting criminals an average of $4,029 -- a terms of losses. In 2009, thereare your rules for using the Internet? Small total of about $35.5 million, according to the FBIs were 8,818 bank robberiesbusinesses tend to be pretty lax in this area. Isn’t it Uniform Crime Reporting (UCR) program. However,time that you had firm policy on using the Internet in 60 percent of bank robbers were caught, often very netting criminals an average ofyour business? You could save yourself a lot of trouble quickly. $4,029 -- a total of about $35.5not to mention – money. million, according to the FBIs Compare that to fraud statistics of Automatic Clearing Uniform Crime Reporting (UCR) Houses (companies in charge of electronic funds program.CASE IN POINT – DELRAY BEACH, transfers and credit card payment processing). TheFLORIDA JANUARY 7, 2010 recent arrests connected with Zeus accounted for However, 60 percent of bankSomebody was cooking the books at the Delray some 390 reported cases where $70 million was robbers were caught, often veryBeach Public Library – suddenly $160,000 went stolen from accounts. The criminals had attempted to quickly.missing and was nowhere to be found. Hackers steal some $220 million. The investigation mainlycreated faux employees and paid them from the netted the lowest ranks of the criminal network --library’s bank account. Overnight, the library “hired” the so-called money mules that remove stolen funds16 new employees and their “earnings” were taken from their accounts and transfer the money tothrough direct deposit payroll. The money was paid international accounts abroad. In general, the moneyout in allotments of under $10,000 so as to not raise mules are people who are duped into believing theyred flags. are working for a legitimate company processing payments.Unfortunately for the hackers and fortunately for thelibrary someone was taking care of the books. Thefraud was discovered rapidly and the bank was able ANALYSISto reverse most of the fraudulent transfers. Their Who knows how the malicious software got into thebank actually refunded the balance to them. This is Delray Beach Library’s network. All they know is thatnot the usual case for commercial banks. it did. Publishing a set of computer security best practices that can be used by library staff and patronsThe library’s phantom employees were recruited with would be a good start. Training the staff to keepwork-at-home offers. They received their ill-gotten security in and the bad guys out would be evengains wired the majority off and kept a commission. better.The transfers are under $3,000 each which appear tobe a threshold beneath any controls or checks thetransfer company might have. Western Union andMoneygram are supposed to have fraud controls inplace to prevent this type of racket but they do notappear to be working. KnowBe4, LLC | 601 Cleveland Street, Suite 930, Clearwater, FL 33755 | Tel: 855-KNOWBE4 (566-9234) | www.KnowBe4.com | Email: sales@KnowBe4.com © 2011 KnowBe4, LLC. All rights reserved. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
  10. 10. Losing The Trust In A Trust FundSITUATION over her accounts, despite the presence of standardSo you think you know the ins and outs of Internet anti-virus software.banking. You make up strong passwords and youeven remember to change them once in a while. You DIGITAL CRIME OUTPACES Digital crime now outpaceshave “normal” security in place (you hid the sticky REAL-WORLD ROBBERIES real-world bank robberies inwith your password and login on it – it’s no longer on Digital crime now outpaces real-world bank robberiesyour monitor). in terms of losses. In 2009, there were 8,818 bank terms of losses. In 2009, there robberies netting criminals an average of $4,029 -- a were 8,818 bank robberiesCASE IN POINT – TAMPA BAY, FLORIDA total of about $35.5 million, according to the FBIs netting criminals an average ofMAY 10, 2010 Uniform Crime Reporting (UCR) program. However,There was nothing typical about this Monday 60 percent of bank robbers were caught, often very $4,029 -- a total of about $35.5morning for Bradenton attorney Kimberly Graus. It quickly. million, according to the FBIsmay have started out bright and sunny, but thisMonday turned out to be a dark day for one of the Compare that to fraud statistics of Automatic Clearing Uniform Crime Reporting (UCR)trust accounts she administers. $35,000 was missing Houses (companies in charge of electronic funds program.and she could not account for it. Her computer had transfers and credit card payment processing). Thebeen hacked and the money was finding its way to recent arrests connected with notorious ZeusEastern European criminals. malware accounted for some 390 reported cases However, 60 percent of bank where $70 million was stolen from accounts. The criminals had attempted to steal some $220 million. robbers were caught, often veryAccording to her bank, her own IP address was thesource of the wire transfer orders and after further The investigation mainly netted the lowest ranks of quickly.study by computer forensic experts, the culprits were the criminal network -- the so-called money mulesfound. The criminals had made four wire transfers that remove stolen funds from their accounts andfrom Graus’ trust account. Fortunately, Kimberley transfer the money to international accounts abroad.spotted it fast enough so she could notify Superior In general, the money mules are people who areBank and they were able pull back three of the orders duped into believing they are working for abut the fourth for $9,500 had already been legitimate company processing payments.transferred to the Ukraine. ANALYSISAnd Graus was lucky that just that morning she had If you are a business doing online banking and arewired $400,000 to pay off client mortgages. The only relying on the bank’s security and safeguards,hackers struck in the afternoon; otherwise they you may be bound for major trouble. Commercialmight have gotten a much bigger haul and accounts do not have the same FDIC insurance aspotentially bankrupted her practice. personal accounts! Before you use online banking, read the rules carefully. Check all online accountsAside from the $9,500.00 loss, there were significant daily, and make sure your corporateother costs in both time and money including a new defense-in-depth is in good shape.laptop to be used for banking purposes only, the costof the forensic investigation and not to mention the One simple thing we strongly recommend is that yourtime costs involved in closing and setting up new company instructs the bank that no outside transfersbank accounts. There is also the potential loss of trust are made without the bank having hard-copy writtenshe has had with her clients and other business authorization signed by an account signatory for anyassociates including her bank. Superior Bank of transfer request. That, and having a formal Internetcourse, is adamant that it bears no responsibility for Security Awareness Training program in place for allthe theft. employees. The bad guys are bypassing the antivirus on workstations by making users click on somethingComputer consultants told Graus that the malware on and infect the PC with malware so that they can hackher system most likely came in the form of a email the network.phishing attempt that she clicked on. The malwarewas able to capture passwords and logins and took KnowBe4, LLC | 601 Cleveland Street, Suite 930, Clearwater, FL 33755 | Tel: 855-KNOWBE4 (566-9234) | www.KnowBe4.com | Email: sales@KnowBe4.com © 2011 KnowBe4, LLC. All rights reserved. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
  11. 11. School’s Out For Christmas, Hackers Get PresentsSITUATION DIGITAL CRIME OUTPACESHere you are in the far Western part of Pennsylvania, REAL-WORLD ROBBERIESa comparatively modest school district and your Digital crime now outpaces real-world bank robberies Digital crime now outpacespayroll suddenly expands by 42 employees from in terms of losses. In 2009, there were 8,818 bankCalifornia and Puerto Rico during Christmas break. robberies netting criminals an average of $4,029 -- a real-world bank robberies inWould that not strike you as unusual? On top of that total of about $35.5 million, according to the FBIs terms of losses. In 2009, thereyour bank receives 74 wire transfer requests over a Uniform Crime Reporting (UCR) program. However, were 8,818 bank robberiesfour-day period, when you very rarely ever ever wire 60 percent of bank robbers were caught, often very netting criminals an average oftransfer. Shouldn’t your bank take notice of that fact? quickly. $4,029 -- a total of about $35.5Wouldn’t it strike them as unusual especially since million, according to the FBIsschools and administrative offices were closed for the Compare that to fraud statistics of Automatic Clearingholiday? Well, that is what happened in Western Houses (companies in charge of electronic funds Uniform Crime Reporting (UCR)Beaver Country, PA. transfers and credit card payment processing). The program. recent arrests connected with Zeus accounted forCASE IN POINT – WESTERN BEAVER some 390 reported cases where $70 million was However, 60 percent of bankCOUNTY, PENNSYLVANIA JANUARY 2, stolen from accounts. The criminals had attempted to robbers were caught, often very2009 steal some $220 million. The investigation mainlyWestern Beaver County School District administrators netted the lowest ranks of the criminal network -- quickly.were not very happy with their Christmas present this the so-called money mules that remove stolen fundsyear. They woke up to find out that hackers not Santa from their accounts and transfer the money toClaus had made away with over $700,000 from their international accounts abroad. In general, the moneybank accounts. To their credit, ESB Bank managed to mules are people who are duped into believing theyreverse some of the wire transfers, however, the are working for a legitimate company processingPennsylvania school district was out more than payments.$441,000.A few months later Western Beaver tried to sue ESB ANALYSISand recover their money, but as in other instances, Once again criminals made use of the Automatedthe bank had protected itself with procedures and Clearing House (ACH) Network to get their prize.policy. As we know commercial accounts do not Should banks take note of an unusual number ofreceive the same level of protection as personal transfers? They sure should and no excuse that thereaccounts which are only liable up to $50. Court filings are so many transactions that they could not keepshowed that the criminals used malicious software to track of them. It is not exactly rocket science togain control of Western Beaver’s computers and thus program an account to put up a red flag. Shouldtheir bank accounts. Western Beaver School District be monitoring their accounts on a regular basis? Absolutely, nothing isThe bad guys set up the new payees and transferred better than vigilance and nothing worse thanthe money to them -- with routing number and negligence. It would be interesting to discover howaccount number in hands, the money was transferred well-protected their computer networks are.to the money mules who made out quite well for theholidays. KnowBe4, LLC | 601 Cleveland Street, Suite 930, Clearwater, FL 33755 | Tel: 855-KNOWBE4 (566-9234) | www.KnowBe4.com | Email: sales@KnowBe4.com © 2011 KnowBe4, LLC. All rights reserved. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
  12. 12. Dentist Gets DrilledSITUATION But before they did that, they still had to access Dr.Just when you thought you heard everything, here Thousand’s account information. No surprise,comes this new weapon from the bad guys – malicious software was embedded in his system‘telephony denial-of-service’. Imagine you cannot use most likely after a phishing expedition. They then The bad guys had this dentistyour telephones, land, mobile, home, work, etc. went on to raid, pillage and loot his account. coming and going. In December,because gangsters have engaged in a bombardment While his account was being plundered, the battery he discovered that $399,000 hadof calls to those numbers while at the same time they of phone calls began. In the meantime the thievessystematically drain your bank accounts. You bank posing as Dr. Thousand called Ameritrade demanding been drained from hismight even be trying to call you and get your that the transfers be sent through. When questioned, Ameritrade retirement accountapproval or alert you to the transfers coming from they acknowledged having phone problems as to shortly after he’d received theyour account. why they did not respond to previous calls. Dr. Thousand was most fortunate in that Ameritrade did calls. About $18,000 wasCASE IN POINT – ST. AUGUSTINE, return his funds. Had they been in a business account transferred from his account onFLORIDA, DECEMBER 2009 he would not have been so fortunate. Nov. 23, with anSo there you are doing what dentists do, drilling andfilling, when you get a phone call featuring a DIGITAL CRIME OUTPACES $82,000-transfer following two30-second promotion for a sex hotline. You just might REAL-WORLD ROBBERIES days later. Five days after that,think that was unusual but when they persist and Digital crime now outpaces real-world bank robberies another $99,000 was drained,literally barrage your phone lines, you just might in terms of losses. In 2009, there were 8,818 bank robberies netting criminals an average of $4,029 -- a followed by two transfers ofthink something unsavory was going on in your life.This, indeed, was what happened to Florida Dentist total of about $35.5 million, according to the FBIs $100,000 each on Dec. 2 and 4.Robert Thousand Jr., who by the way is semi-retired. Uniform Crime Reporting (UCR) program. However, The thieves withdrew the moneyAlmost $400,000 was drained from his Ameritrade 60 percent of bank robbers were caught, often very quickly. in New York.Retirement Account.The FBI said attacks like this are growing, Compare that to fraud statistics of Automatic ClearingLast November, Robert Thousand Jr., a semi-retired Houses (companies in charge of electronic fundsdentist in Florida, received a flood of calls to several transfers and credit card payment processing). Thephones. When he answered them, he heard a recent arrests connected with Zeus accounted for30-second recording for a sex hotline, according to some 390 reported cases where $70 million wasthe St. Augustine Record. stolen from accounts. The criminals had attempted to steal some $220 million. The investigation mainlyThe bad guys had this dentist coming and going. In netted the lowest ranks of the criminal network --December, he discovered that $399,000 had been the so-called money mules that remove stolen fundsdrained from his Ameritrade retirement account from their accounts and transfer the money toshortly after he’d received the calls. About $18,000 international accounts abroad. In general, the moneywas transferred from his account on Nov. 23, with an mules are people who are duped into believing they$82,000-transfer following two days later. Five days are working for a legitimate company processingafter that, another $99,000 was drained, followed by payments.two transfers of $100,000 each on Dec. 2 and 4. Thethieves withdrew the money in New York. ANALYSISPer the FBI, the phone calls were a diversionary tactic If you suddenly are barraged with porn phone calls,tying up Thousand’s line so that Ameritrade could not realize something is amiss check with your bank andget hold of him and authenticate the money other financial institutions. Change your phonetransfers. number. But do something. Also of course make sure your anti-malware software is up-to-date. The money you save may be your own! KnowBe4, LLC | 601 Cleveland Street, Suite 930, Clearwater, FL 33755 | Tel: 855-KNOWBE4 (566-9234) | www.KnowBe4.com | Email: sales@KnowBe4.com © 2011 KnowBe4, LLC. All rights reserved. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
  13. 13. An Apple A Day Didn’t Keep This Thief AwaySITUATION Compare that to fraud statistics of Automatic ClearingYou enjoy buying online and find many a bargain. But Houses (companies in charge of electronic fundssometimes those prices just might be too good to be transfers and credit card payment processing). The Digital crime now outpacestrue. This is especially so when buying a limited recent arrests connected with Zeus accounted for real-world bank robberies indistribution item like an Apple Computer. This might some 390 reported cases where $70 million was terms of losses. In 2009, therejust be one apple that you should not take a bite stolen from accounts. The criminals had attempted to were 8,818 bank robberiesfrom. steal some $220 million. The investigation mainly netting criminals an average of netted the lowest ranks of the criminal network -- $4,029 -- a total of about $35.5CASE IN POINT – TAMPA BAY, FLORIDA the so-called money mules that remove stolen funds million, according to the FBIsOCTOBER 14, 2007 from their accounts and transfer the money to Uniform Crime Reporting (UCR)Rebecca Renner was in the market for a new international accounts abroad. In general, the money program.computer for her Tampa-based company, Creative mules are people who are duped into believing theyMinds, a print and design service. An ad on are working for a legitimate company processing However, 60 percent of bankCraigslist.org for a MacBook Pro with an Intel payments. robbers were caught, often veryprocessor and 17-inch screen caught her eye, as did quickly.the price: $1,700. The seller, Jeffrey Murray, claimedto be from the Bronx, N.Y., but was living in London ANALYSISbecause of his job. On the Internet as in life, take nothing for granted. If something looks too good to be true, chances are it isVia e-mails, Murray instructed Renner to pay by not what you should be seeking. What should Ms.wiring money to a third-party payment service and Renner done instead of resorting to impulse and buyprovided a link to the payment Web site. Only a computer that was just priced too inexpensively?problem was once Renner wired the money she never Well, she should have recognized it was too cheap forreceived the computer. Murray or whatever his name that make and model and rejected it to begin with.is disappeared with her wire transfer and presumably Renner said she was taken in by the idea that Murraythe computer she ostensibly purchased. was part of the Mac community and therefore had to be a good guy.DIGITAL CRIME OUTPACESREAL-WORLD ROBBERIES Wrong again, Murray could have been anywhere inDigital crime now outpaces real-world bank robberies the world, maybe even running a tidy little Nigerianin terms of losses. In 2009, there were 8,818 bank scam. And last but not least you don’t pay someonerobberies netting criminals an average of $4,029 -- a you don’t know by wire transfer, not without havingtotal of about $35.5 million, according to the FBIs the goods in your hands first. This is a big No No.Uniform Crime Reporting (UCR) program. However, Lesson learned look before you pay.60 percent of bank robbers were caught, often veryquickly. KnowBe4, LLC | 601 Cleveland Street, Suite 930, Clearwater, FL 33755 | Tel: 855-KNOWBE4 (566-9234) | www.KnowBe4.com | Email: sales@KnowBe4.com © 2011 KnowBe4, LLC. All rights reserved. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
  14. 14. Vandals Go To Town On Small TownsSITUATION We guess not because the next thing you know thereSomeone once said that you can’t fight city hall. Well, are ACH transfers of $70K and a wire transfer ofonline criminals have changed this equation. They $30,000. The wire transfer was stopped by the bank Recently, crooks stole $100,000have found the means to not only fight city hall but but the 70,000 was long gonetake it to the cleaners. It seems there has been a rash from the New Jersey township ofof online heists of small town bank accounts. It seems DIGITAL CRIME OUTPACES Egg Harbor; $130,000 from alike quite a few of these organizations do not have REAL-WORLD ROBBERIES public water utility in Arkansas;the resources to employ the proper safeguards or Digital crime now outpaces real-world bank robberies $378,000 from a New Yorksufficient education. in terms of losses. In 2009, there were 8,818 bank town; $160,000 from a Florida robberies netting criminals an average of $4,029 -- a public library; $500,000 from aCASE IN POINT – SUMMIT, ILLINOIS total of about $35.5 million, according to the FBIsMARCH 11, 2010 Uniform Crime Reporting (UCR) program. However, New York middle school district;The Village of Summit, Illinois is tiny when compared 60 percent of bank robbers were caught, often very $415,000 from a Kentuckyto most towns with a population topping off at quickly. county (this is far from aaround 10,000. Nevertheless, it was a ready target for comprehensive list).” The cybercyber-thieves who made off with a grand haul of Compare that to fraud statistics of Automatic Clearing Houses (companies in charge of electronic funds criminals are taking it to city hallclose to $100,000. transfers and credit card payment processing). The big time.According to ace security reporter Brian Krebs, recent arrests connected with Zeus accounted for“Summit is just the latest in a string of towns, cities, some 390 reported cases where $70 million wascounties and municipalities across America that have stolen from accounts. The criminals had attempted toseen their coffers cleaned out by organized thieves steal some $220 million. The investigation mainlywho specialize in looting online bank accounts. netted the lowest ranks of the criminal network --Recently, crooks stole $100,000 from the New Jersey the so-called money mules that remove stolen fundstownship of Egg Harbor; $130,000 from a public from their accounts and transfer the money towater utility in Arkansas; $378,000 from a New York international accounts abroad. In general, the moneytown; $160,000 from a Florida public library; mules are people who are duped into believing they$500,000 from a New York middle school district; are working for a legitimate company processing$415,000 from a Kentucky county (this is far from a payments.comprehensive list).” The cyber criminals are taking itto city hall big time. ANALYSIS Someone needs a lesson on online security, don’t youThe assistant to the town’s administrator logged in to think? Red flags were flying; the assistant even calledthe town bank account at Bridgeview Bank and was the bank and was told there were no problems.hit with a redirect explaining there were technical Shouldn’t the assistant and the bank have realizeddifficulties. Someone had hacked into their network something was wrong and immediately takenand was rapidly using the credentials she had precautions to protect the account? There wasentered to access the online account. The thieves obvious cyber-skullduggery in place here but truth iseven gave her a phone number for customer support. a bit of common sense could have prevented aWhen the assistant called the number it was a $70,000 disaster.residence. So she called the bank and was told therewere not problems. Should have raised a red flag,don’t you think? KnowBe4, LLC | 601 Cleveland Street, Suite 930, Clearwater, FL 33755 | Tel: 855-KNOWBE4 (566-9234) | www.KnowBe4.com | Email: sales@KnowBe4.com © 2011 KnowBe4, LLC. All rights reserved. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
  15. 15. Cybercrime Attacks Charities - How Criminal Is That?SITUATION total of about $35.5 million, according to the FBIsWe have seen some acts from cyber bad guys, Uniform Crime Reporting (UCR) program. However,especially those that take advantage of disasters and 60 percent of bank robbers were caught, often very Digital crime now outpacescatastrophes, but looting a charity’s bank account quickly. real-world bank robberies inseems especially low even for them. In the world of terms of losses. In 2009, therethese criminals, nothing is sacred or holy. Compare that to fraud statistics of Automatic Clearing were 8,818 bank robberies Houses (companies in charge of electronic funds netting criminals an average of transfers and credit card payment processing). The $4,029 -- a total of about $35.5CASE IN POINT – BOSTON, recent arrests connected with Zeus accounted for million, according to the FBIsMASSACHUSETTS JANUARY, 2010 some 390 reported cases where $70 million was Uniform Crime Reporting (UCR)The United Way is one of the good guys in society. The stolen from accounts. The criminals had attempted to program. However, 60 percent offunds they raise are put back in the community to steal some $220 million. The investigation mainly bank robbers were caught, often netted the lowest ranks of the criminal network -- very quickly.help those who require help. But in January, 2010, itwas the United Way needing the help. the so-called money mules that remove stolen funds from their accounts and transfer the money toThe bad guys used the Internet to break into the international accounts abroad. In general, the moneyUnited Way in Massachusetts bank account and mules are people who are duped into believing theylooted it to the tune of $150,000 or so they thought. are working for a legitimate company processingThey were pretty clever in using the unauthorized payments.payroll routine (putting bogus workers on the payrolland then distributing the funds electronically tothem). This was for $110,000 and then attempted to ANALYSIStransfer $40,000 to a money mule in New York. Either the United Way got very lucky or someone wasNeither of the schemes worked out as the United Way on their toes monitoring the bank accounts.and their bank was able to block or reverse the Whatever it was, one of the good things about thistransactions. This is not always the case, very often a was the organization was able to work with theirsubstantial amount cannot be retrieved because it bank to prevent the fraud. Perhaps this is a good timehas disappeared to eastern Europe. to have a talk with your favorite banker and find out what they are doing to prevent online fraud. While you are there work out an airtight policy to make sureDIGITAL CRIME OUTPACES it never happens to you.REAL-WORLD ROBBERIESDigital crime now outpaces real-world bank robberiesin terms of losses. In 2009, there were 8,818 bankrobberies netting criminals an average of $4,029 -- a KnowBe4, LLC | 601 Cleveland Street, Suite 930, Clearwater, FL 33755 | Tel: 855-KNOWBE4 (566-9234) | www.KnowBe4.com | Email: sales@KnowBe4.com © 2011 KnowBe4, LLC. All rights reserved. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
  16. 16. Financial Institutions Fall Victim To Cyber-Theft –Could Internet Security Awareness Training Have Prevented The Larceny?SITUATION DIGITAL CRIME OUTPACESIn a cyber-twist, a bank is targeted and (possibly a REAL-WORLD ROBBERIESlot) more than $100K removed from its coffers. The Digital crime now outpaces real-world bank robberies Digital crime now outpacesbank won’t say how much. Most of our case studies in terms of losses. In 2009, there were 8,818 bankinvolve businesses who wake up one morning to find robberies netting criminals an average of $4,029 -- a real-world bank robberies intheir bank accounts emptied of accumulated cash. total of about $35.5 million, according to the FBIs terms of losses. In 2009, thereThis time a bank felt the sting of the cyber-gang. So Uniform Crime Reporting (UCR) program. However, were 8,818 bank robberiesfor once it was not the small businessman that was 60 percent of bank robbers were caught, often very netting criminals an average ofhit but the bank itself. Makes you wonder how many quickly. $4,029 -- a total of about $35.5other banks have found themselves the victim of million, according to the FBIscyber-theft. This is especially relevant when you hear Compare that to fraud statistics of Automatic Clearingabout banks that for legal reasons are not able to Houses (companies in charge of electronic funds Uniform Crime Reporting (UCR)take responsibility for their clients when they have transfers and credit card payment processing). The program. However, 60 percent ofbeen defrauded. There is irony in all of this, especially recent arrests connected with Zeus accounted for bank robbers were caught, oftenwhen you take into consideration a federal credit some 390 reported cases where $70 million was very quickly.union. stolen from accounts. The criminals had attempted to steal some $220 million. The investigation mainly netted the lowest ranks of the criminal network --CASE IN POINT – SALT LAKE CITY, UTAH the so-called money mules that remove stolen fundsMAY 20, 2010 from their accounts and transfer the money toThe Treasury Credit Union is a financial facility international accounts abroad. In general, the moneyservicing federal employees and the families of the mules are people who are duped into believing theyU.S. Treasury Department in Utah. On a sunny are working for a legitimate company processingThursday in May, somewhere around 70 wire payments.transfers were made from one of the bank’s ownaccounts. The transfers were made at low incrementamounts of under $5,000 to money mules for a totalin the low six figures. Some of the money was ANALYSISreturned. It just goes to show you that despite sophisticated security, the weak link even in a financial institutionHow did the criminals infiltrate this supposedly proved to be an employee. One of the keys to securitywell-protected financial institution? Just like they do is educating personnel on Internet Securityany other business; a bank employee’s login and Awareness. If the employee had been educated, apassword was stolen, by malicious software most large amount of money would have been saved andlikely via phishing and the Trojan horse was inserted much aggravation would have been avoided.into the computer. This was accomplished despite thefact that the computer and network waswell-protected by an antivirus. The Trojan horse wasnot detected; no wonder when you consider the userwent to the phishing site and literally invited themalware in. Last July, organized thieves used moneymules to steal tens of thousands of dollars fromHuntington, W.V. based First Sentry Bank. KnowBe4, LLC | 601 Cleveland Street, Suite 930, Clearwater, FL 33755 | Tel: 855-KNOWBE4 (566-9234) | www.KnowBe4.com | Email: sales@KnowBe4.com © 2011 KnowBe4, LLC. All rights reserved. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.

×