When a giant international cyber-theft ring was broken up recently, details emerged about a new tactic hackers are using to assault individual and business phones with persistent calls using automated dialing programs while the cell phones are tied up, raiding banks, brokerage and personal accounts.
If the financial institutions can’t reach the victims to ask about the suspected activity, the transactions often go through, law enforcement informs. It is a new twist on computer service attacks; in which hackers overload financial services websites with information in order to crash those sites.
The criminals in which dozens of arrests were made in the US and across the world, according to federal officials allegedly used the tactic responsible for losses of $70 million from accounts at various banks and brokerage firms, including J.P. Morgan Chase, E*Trade Financial Corp. and TD Ameritrade according to the Federal Bureau of Investigation.
TD Ameritrade confirms that it has been working with the FBI in its investigation of the ring since last December. Chase says it is working closely with both national, local law enforcement and cyber-security experts. An E*Trade spokeswoman says the company is cooperating with the investigation.
The ring allegedly used a “malware” program called “Zeus Trojan” to hijack accounts, embedding it in email messages and attachments. Once installed and open, it grabbed user names and passwords from banking and brokerage accounts, enabling the alleged crooks to consume accounts.
At the same time, victims’ phones were tied up with a flood of phone calls, according to the FBI, preventing them from contacting their bank or brokerage. Busy signals also prevented fraud monitors at the institutions from contacting victims, according to federal officials.
The ring then allegedly took over the accounts, transferring funds to new ones set up by accomplices or partners, who collected funds and transferred them elsewhere.
The telephone attacks lasted as long as a week, forcing victims to disconnect their lines or switch phone numbers, which bought the suspects, time to raid their accounts.
“They overwhelm a victim’s phones so that the bank can’t call the victim and the victim can’t call them. The FBI issued a national alert for consumers about the telephone denial service attacks this past June.
Investigators say the computer attacks on financial institutions began from Europe as many were students visiting the U.S. from Russia.
Victims across the U.S. have had anywhere from a few thousand to several hundred thousand dollars stolen from their accounts, officials state. Verizon informed the feds that at least a dozen institutions that have been targeted since February 2010, and at each one, up to hundreds of customers were affected.
One victim, a dentist in Florida, had nearly $400,000 stolen from a TD Ameritrade account last December. The victim was reimbursed by the brokerage firm.
According to federal officials “It’s the fastest-growing crime, along with ATM scanning of debit cards”.
FBI officials and security experts say the best way to protect against computer fraud is to use a very good antivirus like Norton protection for computer online banking and brokerage transactions. Also web surfing increases your risk of having malware installed on your computer.
According to the feds, “Use secure passwords and change them often. Update antivirus and firewall software regularly and be wary of suspicious or unsolicited emails, attachments and links. Check financial statements often and promptly notify financial institutions of suspicious transactions”.