Money mule arrests highlight banks' efforts to fight fraud
Since 2008, more than $100M has been stolen from U.S. business accounts
Computerworld - The indictments unveiled last week against dozens of people who allegedly helped loot millions of dollars from U.S. businesses via online corporate account takeovers highlights the struggle by financial firms to fight fraud.
Over the past two years, corporate account takeovers by cybercriminals have cost U.S. businesses more than $100 million, according to FBI estimates.
In most cases, the thefts have been perpetrated by gangs in Eastern Europe who used the Zeus banking Trojan to break into computers belonging mainly to small businesses and small municipalities in the U.S. The malware has been used to steal online banking credentials and access corporate accounts so the thieves could transfer money into fraudulent accounts set up by hundreds of U.S.-based accomplices, often called "money mules."
Most of the illegal transfers were unauthorized Automated Clearing House (ACH) transactions from the victim's account to the money mule.
The U.S Attorney's Office in New York City said Thursday it had indicted 37 such money mules for helping crooks based in Russia and several East European countries siphon off more than $3 million in stolen funds. In a joint announcement, Manhattan's District Attorney Cyrus Vance announced indictments against another 36 people for their participation in a similar operation.
The charges in the U.S. followed similar arrests in the UK, where authorities on Tuesday charged 11 Eastern European citizens in connection with the same scam.
The arrests mark a small, but significant, victory for law enforcement officials and financial industry representatives, analysts said. But they do little to ameliorate the urgent need for better protection against future scams.
"It is tremendous news," said Dennis Simmons, president and CEO of SWACHA, a Texas-based financial trade association that counts many financial institutions as its members. SWACHA is also part of a new Corporate Account Takeover Working Group that was established by the Financial Services Information Sharing and Analysis Center (FS-ISAC) earlier this year.
"One of the frustrations we have had with these account takeovers is the lack of jurisdiction" U.S. authorities face when pursuing the East European criminal gangs behind the thefts, he said. But going after the money mules will send a strong signal and should deter some illegal activity. Even so, "it's like that old joke: 'What would you say you have when you round up three hackers? A start,'" he said.
Doug Johnson, senior policy adviser at the American Bankers Association, called the arrests a big step forward. "Just to have an international mule network such as this taken down is a real victory," he said.
Such takedowns make it harder for crooks to siphon off stolen money, he said. "This is something that law enforcement and [the financial industry] have been working very aggressively to achieve."
- Step Out of the Bull's-Eye Learn about the evolution of targeted attacks, the latest in security intelligence, and strategic steps to keep your business safe.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- What Does it Take to Deliver a Superior Customer Experience? The Two Top-Rated Online Retailers, B&H Photo and Crutchfield Electronics, Share Their Secrets Discuss practical CX tools and service methods such as contact center agents and the use of realtime speech analytics to help contact center... All Cybercrime and Hacking White Papers | Webcasts