Recently, there's been a wave of cyber attacks on small and mid-sized businesses by organized gangs from Eastern Europe. It's got the financial services industry very worried.
A task force representing the financial industry sent out an alert Friday outlining the problem and urging its members to put in place many of the precautions now used to detect consumer bank and credit card fraud.
"In the past six months, financial institutions, security companies, the media and law enforcement agencies are all reporting a significant increase in funds transfer fraud involving the exploitation of valid banking credentials belonging to small and medium sized businesses," reads the confidential alert sent to members of the Financial Services Information Sharing and Analysis Center, an industry group created to share data about critical threats to the financial sector.
The hackers send emails to the company's controller or treasurer which contain password-stealing software. They then initiate wire transfers to bleed out the money--usually in amounts of less than $10,000 to keep from triggering money-laundering alerts.
While the attacks haven't attracted much press, the losses have been staggering. A Pittsburgh-area school district lost $700,000, and a Texas company lost $1.2 million.
The FBI is on the case as well.
"We share a mutual concern with respect to criminals' unrelenting intent to target our nation's financial sector and customers, whether through computer hacking or by other schemes to steal customer account information and make unauthorized withdrawals," Steven Chabinsky, deputy assistant director for the bureau's cyber division, said in a statement.