Billion-Dollar Global Bank Fraud Scam Spreads to US
CREDIT: Trudy Wilkerson/Shutterstock.com
A highly sophisticated global bank fraud campaign has attempted to steal between $78 million and $2 billion from more than 60 financial institutions of all sizes throughout the world, according to the security researchers who uncovered the organized crime scheme.
The website attacks in the bank fraud campaign dubbed "Operation High Roller" allow the perpetrators, without their victims' interaction, to bypass multi-factor authentication systems and transfer money from the targets' online bank accounts directly to "mule" business accounts controlled by the criminals and used to give out the stolen funds.
"Debunking the popular wisdom that only big banks are affected, the research documents attacks at every class of financial institution: credit union, large global bank, and regional bank," the security firm McAfee wrote in its report, "Dissecting Operation High Roller."
The vector of attack, the report said, comes in the form of unsolicited spear-phishing emails, including one that requests the recipient to "Change Your Online Password." The email says, "Your online banking user password has been expired," and includes a link that hides the money-stealing malware.
The report, co-written by Guardian Analytics, explains that those behind the scam have tried to make fraudulent transactions of as much as $130,000 per attack, and that the criminals have attempted to defraud at least 60 global targets to the tune of about between $75 million and $2 billion in total.
Operation High Roller began in Eastern Europe, but research shows it has expanded to include targets in the United States and Colombia. In their report, McAfee and Guardian Analytics outline attacks levied against banks in Italy, a similar attack against 176 accounts that stole almost $10 million from a German bank, and a March 2012 hit that siphoned more than $175 million from two banks in the Netherlands.
The server used to launch the attacks on the Dutch banks was based in San Jose, Calif., the report said; the same command-and-control server was used to launch attacks on U.S. companies.
The researchers have notified international law enforcement agencies about Operation High Roller. To keep your own banking credentials safe, be very skeptical of any unsolicited emails that request any information about your passwords, user names or financial data. If you notice any unusual activity on your financial statement, report it immediately to your bank, and make sure you run anti-virus software on your computer to detect potential threats before they become a problem.