Beech Tree News Network

Cyber criminals have found yet another way to steal your hard-earned money: a recent phishing scheme involves spam e-mails-purportedly from the National Automated Clearing House Association (NACHA), the Federal Reserve Bank, or the Federal Deposit Insurance Corporation (FDIC)-that can infect recipients’ computers with malware and allow access to their bank accounts.

The malware is appropriately called “Gameover” because once it’s on your computer, it can steal usernames and passwords and defeat common methods of user authentication employed by financial institutions. And once the crooks get into your bank account, it’s definitely “gameover”.

Game over is a newer variant of the Zeus malware, which was created several years ago and specifically targeted baking information.

How the scheme works: Typically, you receive an unsolicited e-mail from NACHA, the Federal Reserve, or the FDIC telling you that there’s a problem with your bank account or a recent ACH transaction. (ACH stands for Automated Clearing House, a network for a wide variety of financial transactions in the U.S.) The sender has included a link the e-mail for you that will supposedly help you resolve whatever the issue is. Unfortunately, the link goes to a phony website, and once you’re there, you inadvertently download the Game over malware, which promptly infects your computer and steals your banking information.

After the perpetrators access your account, they conduct what’s called a distribute denial of service, or DDoS, attack using a botnet, which involves multiple computers flooding the financial institution’s server with traffic in an effort to deny legitimate users access to the site-probably in an attempt to deflect attention from what the bad guys are doing.

But that’s not the end of the scheme:  Recent investigations have shown that some of the funds stolen from the bank accounts go towards the purchase of precious stones and expensive watches from high-end jewelry stores.  The criminals contact these jewelry stores, tell them what they’d like to buy, and promise they will wire the money the next day.  So the next day, a person involved in the money laundering aspect of the crime-called a “money mule”- comes into the store to pick up the merchandise.  After verifying that the money is in the store’s account, the jewelry is turned over to the mule, who then gives the items to the organizers of the scheme or converts them for cash and uses money transfer services to launder the funds.

In many cases, these money mules are willing participants in the criminal scheme.  But increasingly, as part of this scheme, we see and increasing number of unsuspecting mules hired via “work at home” advertisement who end up laundering some of the funds stolen from bank accounts.  The criminals e-mail prospective candidates claiming to have seen their resumes on job websites and offer them a job.  The hired employees are provided long and seemingly legitimate work contacts and actual websites to log into.  They’re instructed to either open a bank account or use their own bank account in order to receive funds via wire and ACH transactions from transactions form numerous banks...and then use money remitting services to send the money overseas.

If you think you’ve been victimized by this type of scheme, contact your financial institution to report it, and file a complaint with the FBI’s Internet Crime Complaint Center.

For more information, contact the Butler County Extension Office at 113 East G L Smith Street, Morgantown or call 526-3767. Educational programs of the Kentucky Cooperative Extension Service serve all people regardless of race, color, age, sex, religion, disability, or national origin. 

Source:  FBI news release January 6, 2012 http://www.fbi.gov/newa/stories/2012/january/malware  010616