An organisation representing more than 15,000 financial institutions has issued a warning about a growing wave of attacks against small banks and businesses by cyber criminals using stolen banking credentials to plunder corporate accounts.

In an alert to its members earlier this month, NACHA, the Electronics Payments Association said that attackers are increasingly stealing onine banking credentials, such as user names and paswords, from small businesses by using keystroke logging tools and other malware. The cyber criminals are using the stolen credentials to 'raid' and 'take over' corporate accounts and initiate the unauthorised transfer of funds over electronic payment networks.

NACHA oversees the Automated Clearing House (ACH) electronic payments network. A similar alert that was sent out confidentially last Friday to members of the Financial Services Information Sharing and Analysis Center, according to a story published in the Washington Post yesterday. According to the Post, the alert identified organised cyber groups in Eastern Europe as being predominantly responsible for illegally siphoning millions of dollars from corporate accounts and sent overseas via popular money and wire transfer services.

The Financial Services Information Sharing and Analysis Center was formed by major financial services firms to share information about potential physical and cyber threats to their companies.

NACHA's alert said that the cyber crooks are apparently targeting small businesses because of their relative lack of strong authentication procedures, transaction controls and "red flag" reporting capabilities.

In some cases, the alert said, attackers are tricking small business workers into visiting phishing sites with the same look and feel as their company's financial institution, where they would log on using their credentials.

In other instances, keystroke loggers and data stealing malware programs are downloaded onto corporate systems via e-mail attachments, and then used to capture bank account credentials as they are entered into a financial institution's Web site.


Find your next job with techworld jobs