Posted on Sunday, 15th November 2009 by Admin

Corporate controllers, CFOs and finance staff must be extremely vigilant these days. Last week the FS-ISAC revealed that fraudsters are sending emails to corporate finance employees. These emails pretend to come from the National Automated Clearing House (NACHA), the group responsible for setting the rules for the nation’s Automated Clearing House (ACH), the bank-to-bank payment system that is used for clearing checks and making payroll deposits.

These emails claim to be from NACHA, and say that a corporate ACH payment has been rejected. The email contains a link to a fake NACHA website that downloads the Zeus banking trojan onto the victim’s computer. Here is a link to NACHA’s warning page about this latest threat to the corporate banking system.


The next time the finance person logs in to their bank’s corporate banking website, the Zeus trojan goes to work, silently copying their username and password, and in some cases even stealing One Time Passwords and other authentication token values.

Zeus is continually evolving, and most anti-virus security suites do not detect the latest versions, sometimes for days or even weeks after they are released.

The hackers behind the Zeus trojan are estimated to have attempted over $85 Million in fraudulent payments from corporate bank accounts over the last several months. The FBI estimates that unrecovered losses amount to $40 Million so far.
