IBM uncovers new bank transfer cyber scam | Independent Newspapers Limited
Newsletter subscribe

Business, IT & Telecomms

IBM uncovers new bank transfer cyber scam

Posted: Apr 7, 2015 at 3:01 am   /   by   /   comments (0)

By Emmanuel Okwuke –  Senior  IT. Correspondent 


International Business Machines (IBM) has uncovered a sophisticated fraud scheme run by a well- funded Eastern European gang of cyber criminals that uses a combination of phishing, malware and phone calls technology company that has netted more than $1 million from large and medium-sized companies in the United States of America.

The scheme, which IBM security researchers have dubbed “The Dyre Wolf,” is small in comparison with more recent widespread online fraud schemes but represents a new level of sophistication.

According to IBM, since last year the attackers have been targeting people working in companies by sending spam e-mails with unsafe attachments to get a variant of the malware known as Dyre into as many computers as possible.

If installed, the malware waits until it recognises that the user is navigating to a bank website and instantly, creates a fake screen telling the user that the bank’s site is having problems, and to call a certain number.

If users call that number, they get through to an English-speaking operator who already knows what bank the users think they are contacting.

The operator then elicits the users’ banking details and immediately starts a large wire transfer to take money out of the relevant account.

The use of a live phone operator is what makes the scheme unique, said vice president of IBM Security, Caleb Barlow.

“What’s very different in this case, is “we saw a pivot of the attackers to use a set of social engineering techniques that I think are unprecedented,” said Barlow.

“The focus on wire transfers of large sums of money really got our attention.”, Barlow added

IBM did not release any details on which companies fell prey to the scheme or the location of the perpetrators

“Once the transfer is complete, the money is then quickly moved from bank to bank to evade detection”, Barlow claimed

In one instance, IBM said, the gang hit the victim company with a Denial of Service Attack – essentially bringing down their Web capabilities – so it would not discover the theft until much later.

IBM Corp’s security unit is recommending that companies make sure employees are trained in spotting phishing attacks – where emails or attachments can infect a computer – and to never provide banking credentials to anyone.