Apr 27, 2011 06:23 GMT

The FBI warns that cyber fraudsters are using computer malware to siphon millions of dollars from the bank accounts of US firms and send the money to sham companies in China.

During the past year, the FBI has investigated twenty cases in which online banking credentials were stolen from small-to-medium-sized US companies and used to fraudulently wire money to Chinese companies.

"As of April 2011, the total attempted fraud amounts to approximately $20 million; the actual victim losses are $11 million," a report [pdf] from the Internet Crime Complaint Center (IC3) reveals.

Before being wired to China, the stolen funds are regularly routed through commercial accounts set up with banks in New York.

According to the FBI, the sham companies ultimately receiving the money are set up in Chinese port cities located near the Russian border.

The names of these firms usually include the name of the city, together with the words "economic," "trade," or "LTD."

The unauthorized wire transfers range from $50,000 to $985,000. Many of them exceed $900,000, but the transfers are more successful when kept under $500,000.

The malware most often used in these attacks includes ZeuS, Backdoor.bot and Spybot. In at least one case, the fraudsters remotely wiped clean the hard drive of a compromised computer to hinder investigation.

The FBI advises financial institutions to heavily scrutinize wire transfers to the Chinese cities of Raohe, Fuyuan, Jixi City, Xunke, Tongjiang, and Dongning.
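The indicators reported above (destination city, beneficiary naming pattern, amount range) can be turned into a simple screening rule for outgoing wires. The following is an added example, not code from the FBI, IC3 or the article; the record layout and the sample records are assumptions constructed for illustration.

```python
import re

# Indicators taken from the FBI/IC3 advisory as reported in the article.
WATCH_CITIES = ("raohe", "fuyuan", "jixi", "xunke", "tongjiang", "dongning")
NAME_WORDS = {"economic", "trade", "ltd"}
AMOUNT_MIN, AMOUNT_MAX = 50_000, 985_000  # USD range of reported transfers

def tokens(text):
    """Lower-case and split on non-letters, so 'Co.,LTD' yields 'ltd'."""
    return set(re.findall(r"[a-z]+", text.lower()))

def screen_wire(wire):
    """Return which advisory indicators an outgoing wire record matches."""
    # Field names below are an assumed record layout, not a banking standard.
    name_tok = tokens(wire["beneficiary_name"])
    city_tok = tokens(wire["beneficiary_city"])
    hits = {}
    dest = [c for c in WATCH_CITIES if c in city_tok]
    if wire["beneficiary_country"].upper() == "CN" and dest:
        hits["city"] = dest[0]
    named = [c for c in WATCH_CITIES if c in name_tok]
    if named and name_tok & NAME_WORDS:
        hits["name"] = named[0]
    if AMOUNT_MIN <= wire["amount_usd"] <= AMOUNT_MAX:
        hits["amount"] = wire["amount_usd"]
    return hits

def needs_review(wire):
    """Hold for manual review on a city or name hit; amount alone is too broad."""
    hits = screen_wire(wire)
    return "city" in hits or "name" in hits

# Constructed sample records, not real transfers or real companies.
SAMPLES = [
    {"beneficiary_name": "Raohe Example Economic Trade Co.,LTD",
     "beneficiary_city": "Raohe", "beneficiary_country": "CN", "amount_usd": 487_000},
    {"beneficiary_name": "Example Machinery GmbH",
     "beneficiary_city": "Hamburg", "beneficiary_country": "DE", "amount_usd": 120_000},
    {"beneficiary_name": "Example Logistics",
     "beneficiary_city": "Jixi City", "beneficiary_country": "cn", "amount_usd": 20_000},
]

if __name__ == "__main__":
    for w in SAMPLES:
        print(needs_review(w), screen_wire(w))
```

The amount range is treated only as a supporting signal, because most legitimate commercial wires fall inside it as well.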

Some of these fraudulent wire transfers are accompanied by ACH transfers to money mules located in the United States, who in many cases are individuals who have done business with the victims.

Despite a crackdown last year on ZeuS gangs and money mule networks operating in the United States, Ukraine and the UK, this infamous piece of malware remains a favorite of cyber fraudsters. Companies should protect themselves by engaging in online banking activities only from dedicated computers, preferably running alternative operating systems such as Linux or Mac.