The FBI has warned of a "significant increase" in fraud involving the exploitation of valid online banking credentials belonging to small and medium businesses, municipal governments, and school districts.
In a typical scenario, the targeted entity receives a "spear phishing" e-mail which either contains an infected attachment, or directs the recipient to an infected Website, says the FBI.
The malware contains a key logger for harvesting bank account login information, which is then used to either create another user account or directly initiate funds transfers by masquerading as the legitimate user. These transfers have occurred as both traditional wire transfers and as ACH transfers, says the FBI.
Further reporting has shown that the transfers are directed to the bank accounts of individuals who have been recruited via work-at-home advertisements, or have been contacted after placing resumes on well-known job search Websites. Shortly after funds are received, they are directed to immediately forward most of the money overseas via wire transfer services such as Western Union and Moneygram.
Concern over the upsurge in crybercrime has moved the bank-backed Financial Services Information Sharing and Analysis Centre to issue a confidential alert to members about the dangers posed to small businesses when banking online.
The note recommends that commercial banking customers should be induced to "carry out all online activity from a standalone, hardened and locked-down computer from which e-mail and Web browsing is not possible".
Other commentators have even suggested that small businesses close their accounts and open personal accounts instead, which carry more liability guarantees and are not exposed to fraud at the ACH.
The FBI is urging business users of online banking services to contact their financial institution to ensure they are employing all the appropriate security and fraud prevention services their institution offers.