Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Construction Company Loses Substantial Amount to Hackers

Security experts stated that a Maine-based construction firm known as Patco Construction has lost almost $588,000 from its bank - Ocean Bank of Delaware - to cyber crooks.

Explaining the modus operandi of the scam, security experts informed that the gangs could have done this by secretly implanting spyware on the systems used to perform transactions. The spyware is usually installed by means of social engineering techniques or by exploiting flaws in obsolete software.

The attackers then used the company's stolen online banking details to kick start batches of bogus transfers from its account to more than thirty individuals with whom the company had never been involved in any business in the past. Separate batch of transfers were performed on an everyday basis from May 7, 2009 to May 14, 2009 and amounted to almost $588,000.

Security experts added that this money went to the alleged 'mules' or people who have agreed to get the funds and further transport it to the cybercriminals.

Also, the hackers had sufficient important details required to do the money transfers, which they did through the ACH (Automated Clearing House) Network that is used by institutions to manage direct deposits, bill payments and cash transfers between companies and individuals.

Patco said that Ocean Bank did not provide two-factor authentication, which usually is about the use of a token that shows a verification phone call or a one-time password. The company also stated that the transfers were started from Internet Protocol (IP) addresses that it never used.

Not even a single transaction set off doubtful activity alerts from Ocean Bank. Supposedly, one of the owners of Patco, Mark Patterson, got a notification on May 13, 2009 that one of the ACH transfers were discarded because of the bogus account number given by the scammers, according to the news published by COMPUTERWORLD on September 24, 2009.

Finally, reports about this sophiticated fraud that hits small- and medium-sized businesses and public institutions in the US began since the starting of July 2009. The scam includes banking Trojans, fake transfers and unwary people serving as money mules.

Related article: Constant Growth in Botnets Poses a Serious Threat, ENISA

ยป SPAMfighter News - 10/19/2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page