At this time we want to educate our Business Online Banker users of a warning from the FBI to all small- and medium-sized businesses of an observed trend in which cyber criminals are sending unauthorized wire transfers to Chinese economic and trade companies located near the Russian border.
Between March 2010 and April 2011, the FBI has identified twenty incidents in which the online banking credentials of small-to-medium sized U.S. businesses were compromised and used to initiate wire transfers to China. The FBI has noted 20 incidents in which the financial information has been compromised. These frauds are perpetrated through phishing emails or malicious emails sent to employees that have authority to transfer funds on behalf of the company. The malware or virus will compromise the users online login credentials. When the authorized user attempts to login to their online banker, the user is typically redirected to another web page stating the bank site is under maintenance or is unable to access or is unable to access the accounts. While experiencing login issue, cyber criminals may initiate unauthorized transfers to commercial accounts held at intermediary banks typically located in New York. Account funds are then transferred to Chinese economic and trade company bank accounts.
The intended recipients of the international wire transfers are economic and trade companies located in the Heilongjiang province in the Peoples Republic of China. The companies are registered in port cities that are located near the Russia-China border. The unauthorized wire transfers can range from $50,000 to $985,000. When the transfers go through successfully, the money is immediately withdrawn or transferred out of the recipient’s accounts.
In addition to wire transfers, the cyber criminals also sent domestic ACH (Automatic Clearing House) and wire transfers to money mules in the United States within minutes of conducting the overseas transfers. The domestic wire transfers ranged from $200 to $200,000. The intended recipients are money mules, individuals who the victim company has done business with in the past, and in one instance a utility company located in another U.S. state.
Please be alert and monitor your bank account for any unusual activity. It is important to educate all users of your Online Banker account, and any employees that have access to corporate financial information; to be wary of any e-mails received containing attachments or directed to links through emails. Employees should know to never assume that just because you know the address the email was sent from, that the email is safe. Any email that contains an attachment that arrives unexpectedly could contain malware, even if its not “spear phishing” malware. Simply requesting that friends and co-workers notify before they send an attachment will reduce your risk of becoming a victim in these fraudulent attacks.
Helpful Links (Please copy and paste into your web browser for additional information):
If you have any questions or concerns please feel free to reach out to one of our NBT Bank Customer Service Representatives at 1-800-NBT-BANK (1-800-628-2265).