CATOs occur when cyber thieves gain control of systems by stealing sensitive employee credentials and information. Criminals can then initiate fraudulent wire transfers and transactions through the ACH to any account. Thieves typically access a computer via malicious software (malware) that can infect a computer through e-mail, websites, or as malware disguised as software.
– Domestic and International Wire Transfers
– Business-to-Business ACH payments
– Online Bill Pay and electronic payroll payments have all been used to commit this crime
How Do They Do It?
– User contracts malware
– Browsing to an infected website
– Zeus, SpyEye, other banking trojans
– Malware waits or is preparing to phone home
– Waits for the user to log into a sensitive site, e.g. internet banking
– Steals login credentials, sends them to a foreign server
– Piggybacks on an ACH/Wire on valid transaction
– Change wire transfer information
– Informs the user that internet banking is not available or initiates a DDoS to the internet banking site.
Best Practice recommendations for Businesses
Educate all employees on this type of fraud scheme:
Enhance the security of computer networks: