Finjan Warns SMBs of Increase in Cyber Criminals Targeting their Online Bank Accounts
August 2009 by Finjan
Finjan Inc. responded to the recent cybercrime alert that was sent to members of the Financial Services Information Sharing and Analysis Center. Finjan warns companies to increase security and improve employee awareness of the increase in threats to their online banking facilities in light of the increase of activity by Cyber Criminals.
The alert sent last Friday states that in the past six months, financial institutions, security companies and law enforcement agencies are all reporting a significant increase in funds transfer fraud. It involves the exploitation of valid banking credentials belonging to small and medium sized businesses.
“This illustrates a new facet of cybercrime that we are seeing today,” said Yuval Ben-Itzhak, CTO at Finjan. “In addition to the well-documented, massive data breaches against large institutions, organized cyber gangs are also now shifting their focus on small and mid-size companies. This trend includes stealing credentials to gain access to the corporate network to initiate a series of fraudulent wire transfers in increments of less than $10,000 from corporate bank accounts, which helps them avoid banks’ anti-money-laundering reporting requirements.”
“We have seen an increase in targeted attacks against financial institutions already in 2008 and predicted in our Web Security Trends Report of last year that both the amount of attacks and their severity will increase against financial institutions and their customers,” Ben-Itzhak added. “We welcome and encourage the continued sharing of this kind of cybercrime intelligence to help minimize the effects of cybercrime. Sharing information, as also pointed out by the security team of Google, helps raise awareness as to the methods and techniques cybercriminals use and ultimately will contribute to the safety of business. Enterprises, Medium and Small businesses should heed the warning of the Financial Services Information Sharing and Analysis Center and we advise them to out in place appropriate security which utelises real time inspection technology , they put in processes to check their financial transactions regularly for irregularities and train their people to follow best security practices. ” Ben-Itzhak concluded.
In the UK businesses should also be aware of the advice contained in the banking code and specifically section 12.9 and 12.11, as if they do not follow the advice of the British Bankers’ Association then their bank has the right to refuse to reimburse them for an online fraud carried out against them.