The Hacker News
Small businesses are worried about a new scam: criminals in search of work who want to break into online bank accounts.

The U.S. Federal Bureau of Investigation issued a warning Wednesday on a new version of a fraud technique called long-term computer automated information exchange fraud.

With ACH fraud criminals to install malware on their computers and small businesses use to access online bank account of the company. They created a fake transfer of funds, adding fake employees or beneficiaries, and move the money offshore.

Scammers can move hundreds of thousands of dollars in a few hours with this technique. Often target small businesses that use regional banks or credit unions, which often lack the resources to identify and block fraudulent transfers.

This is the last resulted in a scam, criminals are apparently looking for companies that use on-line and then send malicious programs, which seems to have falsified job applications.

An unnamed U.S. company recently lost $ 150,000 in this way, according to the FBI Internet Crime Complaint Center. "Malicious software embedded in the response via e-mail to a workplace can have a website job," the FBI said in a press release. Malware, Trojans Bredolab variant "is an attacker to compromise online banking credentials of a person was authorized to carry out operations within the company."

This scam has been around since at least six months, according to security vendor SonicWall, who reported the Trojan horse in July last year.

Typo filled Trojans seemed Word SonicWALL has seen and read: ". Hello, I understand that you have available to work I'm interested in peaceful So I am sending it to continue, waiting for your answer thank you ..."

Case, the FBI reported, the Trojan has been used to transfer money to Ukraine and the other two bank accounts in the United States.

"The FBI recommends that potential employers e-mail alert for the opening of the employee perspective," the FBI said.

There are some things consumers and small businesses can do if they have doubts about e-mails with attachments. It is safest to delete the attachment, and write to the sender asks for a plain text version. Alternatively, they can open the document in Google's Gmail to see if it proves legitimate.



News Source : Pc World

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.