Authorities warn that even large banks can become the victims of such operations

Sep 18, 2012 13:52 GMT
IC3 warns banks to be on the lookout for any sign of cybercriminal operations

FBI reports show that cybercriminals have started focusing their efforts more and more on targeting the networks of financial institutions. According to the agency, they’re relying on spam, keyloggers, Remote Access Trojans (RATs), phishing, and other malicious elements to steal employee login credentials.

The Internet Crime Complaint Center (IC3) reports that the stolen information has been utilized to perform unauthorized wire transfers for amounts between $400,000 (320,000 EUR) and $900,000 (720,000 EUR).

In the first phase of these operations, the criminals use spam and phishing emails. Once they compromise the machine of an employee, they plant RATs, keyloggers and other pieces of malware such as the infamous Zeus to gain access to internal networks and the details needed to access third party systems.

Most of the victims of these crimes appear to be small to medium-sized banks and credit unions, but major financial institutions have also been targeted.

In some cases, the crooks launched distributed denial-of-service attacks against the bank’s website, most likely to cover up their fraudulent transactions. Reportedly, some of the attacks have relied on the Dirtjumper botnet that is available for around $200 (160 EUR) on underground forums.

To prevent such incidents, the IC3 advises companies to educate their employees regarding the dangers associated with opening shady attachments or clicking on dubious-looking links.

Organizations must also set proper policies that regulate what types of tasks staffers should not perform on their work computers. Mainly, they shouldn’t be allowed to access administrative accounts from their own devices, and they should be careful about the content they access on devices used to initiate payments.

Anti-malware defenses should be set in place, USB tokens must be handled with care, and access to wire transfer limit settings should be restricted.

Monitoring systems for logins and spikes in website traffic are also highly recommended.
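One way to act on the monitoring advice, given that the report describes floods of website traffic coinciding with fraudulent wire transfers, is to correlate the two signals and hold large transfers initiated during a spike for manual review. The sketch below is an added example, not code from the IC3 or the FBI; the log layout, the account names, the spike factor and the $100,000 review threshold are all assumptions, and the sample data is constructed.

```python
from statistics import median

# Constructed sample data (not from the IC3 report): requests per minute
# to the public website, indexed by minute offset from the start of the log.
REQUESTS_PER_MINUTE = [120, 131, 118, 125, 122, 129, 117, 124, 126, 121,
                       119, 2300, 2550, 2410, 2600, 128, 123, 120]

# Constructed wire-transfer log: (minute offset, employee login, amount in USD).
WIRE_TRANSFERS = [
    (3, "teller01", 12_500),
    (12, "ops-admin", 450_000),
    (14, "ops-admin", 880_000),
    (17, "teller02", 9_800),
]

def traffic_spikes(counts, baseline_len=10, factor=5.0):
    """Return minute indexes whose request count exceeds factor x the median
    of the preceding non-spike minutes. Spike minutes are kept out of the
    baseline so a long flood does not become the new normal."""
    spikes, baseline = [], []
    for minute, count in enumerate(counts):
        recent = baseline[-baseline_len:]
        if len(recent) >= baseline_len and count > factor * median(recent):
            spikes.append(minute)
        else:
            baseline.append(count)
    return spikes

def transfers_during_spikes(transfers, spikes, margin=2, min_amount=100_000):
    """Return transfers of at least min_amount (assumed threshold) initiated
    within `margin` minutes of any spike minute, for manual review."""
    flagged = []
    for minute, user, amount in transfers:
        near_spike = any(abs(minute - s) <= margin for s in spikes)
        if near_spike and amount >= min_amount:
            flagged.append((minute, user, amount))
    return flagged

if __name__ == "__main__":
    spikes = traffic_spikes(REQUESTS_PER_MINUTE)
    for minute, user, amount in transfers_during_spikes(WIRE_TRANSFERS, spikes):
        print(f"REVIEW minute={minute} user={user} amount=${amount:,}")
```

In production the same correlation would run over the web tier's request metrics and the payment system's audit log, with thresholds tuned to the institution's normal traffic and transfer sizes.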