In most reported cyber crimes involving theft of funds, the victim is a small business or municipality. In a rare case, cyber thieves recently stole money directly from a credit union’s internal funds.

On May 20, Treasury Credit Union of Salt Lake City, Utah, became the victim of more than 70 unauthorized transfers from internal accounts. All the transfers were in amounts under $5000, but the total stolen was “in the low six figures”.

The FBI is investigating the case, in which many of the transfers were actually executed by “money mules”, i.e., people recruited for that specific purpose. Some of the “mules” were apparently unwitting about the criminal nature of their activity. The “brains” behind this type of cyber crime are often located in Eastern Europe (in this case, Ukraine).

The key to the crime was the furtive planting of a “Trojan horse” program on the computer of one of the credit union’s employees. That malware program forwarded the employee’s on-line banking credentials (user name, password, etc.) to the criminals in the Ukraine, who used them in an orchestrated manner to steal as much money as possible before the crime was discovered and halted.

InterComputer’s Trusted Banking solution is designed expressly to prevent the compromise of electronic identities and communications in electronic banking and insure against losses from cyber crime of any kind.

The Federal Bureau of Investigation recently announced that cybercrime attacks on banking transactions in the U.S. have the reached the $100 million level.

According to the Internet Crime Complaint Center (www.ic3.gov), which is jointly operated by the FBI, the National White Collar Crime Center, and the Bureau of Justice Assistance, malware and phishing schemes are largely responsible for the “significant increase” in cybercrime against Internet banking. Most of the victims are small and medium-sized businesses and public institutions such as municipal governments, schools, and court systems.

Typical schemes involve the secret insertion of malware, such as a keystroke logger program, onto the victim’s computer. The cyber thieves then use the information stolen by the keystroke logger to access the victim’s bank accounts themselves.  Many of the victim’s bank accounts were held at local community banks and credit unions.

Interestingly, the FBI noted that “the threat stems not only from the malware involved in these cases, but the vulnerabilities presented by the lack of controls at the financial institution…” In other words, poor Internet security systems at the bank often contributed to the problem.

InterComputer’s unique transaction insurance coverage covers both the bank and its clients in such cases. It completely resolves the security issues around Internet banking and relieves both the bank and its customer of liability for any losses caused by cybercriminals and ineffective security precautions on either side.

For more information, please click (http://www.ic3.gov/media/2009/091103.aspx), http://www.eweek.com/c/a/Security/FBI-Online-Banking-Attacks-Reach-100-Million-Mark-785125/ and www.intercomputer.com.