
FBI uncovers string of large, unauthorized wire transfers to China

The FBI has issued a fraud alert about a trend of cyber-scams resulting in large unauthorized wire transfers to economic and trade companies located in the Heilongjiang province in China.

Between March 2010 and April 2011, the FBI identified 20 of these incidents aimed at small- to medium-sized U.S. businesses and public institutions that have accounts at small banks and credit unions. These cases have racked up a total of $11 million in losses, but the bureau says that the attempted fraud amount is close to $20 million.

The criminals' strategy is to target a computer within a company that has the capability to transfer funds in the company's name. Corporate online banking credentials are then stolen from that computer, sometimes through a phishing email. When the user logs in to the online banking website, the Web session is redirected to a page saying the website is under maintenance. This is when the criminals make the unauthorized fund transfers.

Some of the cases have involved malware such as ZeuS, Backdoor.bot and Spybot to steal data and access the U.S. computers remotely.

The individual wire transfers are usually above $900,000 but have been as low as $50,000. The fraud perpetrators also send small domestic ACH and wire transfers to money mules in the United States. The transfers to the money mules range from $200 to $200,000 and happen within minutes of the large overseas transfers.

The Chinese economic and trade companies that received these wire transfers were located near the Russian border and appear to be legitimate businesses. Many of these companies have bank accounts with the Bank of China, the Agricultural Bank of China and the Industrial and Commercial Bank of China.

The Bureau's press alert says that it does not currently know who is behind the transfers or whether the Chinese accounts were the final stop for the funds.
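
As an added illustration (not part of the FBI alert or of this article), the transfer pattern described above can be written as a monitoring rule over an account's outgoing payments: a wire of $50,000 or more to China accompanied by domestic ACH or wire transfers of $200 to $200,000 from the same account. The record fields, the sample ledger and the 30-minute window are assumptions; the alert says only "within minutes".

```python
from datetime import datetime, timedelta

LARGE_WIRE_MIN = 50_000            # lowest overseas wire reported in the alert
MULE_MIN, MULE_MAX = 200, 200_000  # reported range of the domestic mule transfers
WINDOW = timedelta(minutes=30)     # assumption: the alert only says "within minutes"

def ts(text):
    return datetime.fromisoformat(text)

# Constructed sample ledger (hypothetical accounts and amounts, not real data).
LEDGER = [
    {"account": "A-100", "ts": ts("2011-04-12T10:02"), "kind": "wire", "country": "CN", "amount": 950_000},
    {"account": "A-100", "ts": ts("2011-04-12T10:05"), "kind": "ach", "country": "US", "amount": 4_800},
    {"account": "A-100", "ts": ts("2011-04-12T10:09"), "kind": "wire", "country": "US", "amount": 9_500},
    # Same account, but hours later: outside the window, so not counted.
    {"account": "A-100", "ts": ts("2011-04-12T15:40"), "kind": "ach", "country": "US", "amount": 1_200},
    # Large wire to China with no accompanying domestic transfers: not flagged by this rule.
    {"account": "B-200", "ts": ts("2011-04-13T09:00"), "kind": "wire", "country": "CN", "amount": 120_000},
    # Routine domestic payment on an unrelated account.
    {"account": "C-300", "ts": ts("2011-04-13T11:00"), "kind": "ach", "country": "US", "amount": 3_000},
]

def find_wire_mule_clusters(ledger):
    """Return one alert per large China-bound wire that has mule-sized
    domestic transfers from the same account within WINDOW (before or after)."""
    alerts = []
    for wire in ledger:
        if (wire["kind"], wire["country"]) != ("wire", "CN"):
            continue
        if wire["amount"] < LARGE_WIRE_MIN:
            continue
        mules = [t for t in ledger
                 if t["account"] == wire["account"]
                 and t["country"] == "US"
                 and t["kind"] in ("ach", "wire")
                 and MULE_MIN <= t["amount"] <= MULE_MAX
                 and abs(t["ts"] - wire["ts"]) <= WINDOW]
        if mules:
            alerts.append({"account": wire["account"],
                           "wire": wire["amount"],
                           "mule_transfers": len(mules),
                           "mule_total": sum(t["amount"] for t in mules)})
    return alerts

if __name__ == "__main__":
    for alert in find_wire_mule_clusters(LEDGER):
        print(alert)
```

A bank or treasury team would tune the window and amounts to its own payment history, and would typically hold flagged wires for out-of-band confirmation with the account holder.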
