
Hackers empty $900K bank account

By Claes Bell
Monday, February 25, 2013
Posted: 9 am ET

In itself, a distributed denial of service, or DDoS, attack on a bank's website is little more than costly hooliganism. It essentially consists of hackers ordering a bunch of malware-infected computers to "click" on a bank's website until it's too overwhelmed to respond to legitimate users.

The effect is pretty similar to a barricade across the entrance to your bank: You can't get in, but your money is still safe inside the bank.

But what if thieves used a DDoS attack as cover for a more harmful attack that did actually compromise customer checking accounts? That appears to be exactly what happened to a customer of Bank of the West, according to a report from security blogger Brian Krebs:

A Christmas Eve cyber-attack against the website of a regional California financial institution helped to distract bank officials from an online account takeover against one of its clients, netting thieves more than $900,000.

At approximately midday on Dec. 24, 2012, organized cyber crooks began moving money out of corporate accounts belonging to Ascent Builders, a construction firm based in Sacramento, Calif. In short order, the company's financial institution -- San Francisco-based Bank of the West -- came under a large distributed denial of service (DDoS) attack …

There were 62 individuals suckered into acting as "mules" for the stolen money, according to Krebs.

It's standard operating procedure for scammers to recruit unsuspecting individuals and businesses ("make big money working from home!") to accept a substantial deposit from thieves and wire the bulk of it overseas, keeping a portion for themselves as payment. Typically, the money clears and the mule completes the transfer, only to have the authorities catch up with them and claw back the money, leaving them on the hook for most of the losses.

Obviously, you never want to agree to accept and transfer cash as these mules did. Aside from the legal implications of engaging in what amounts to money laundering, what good are promised payoffs if they're going to be clawed back later?

Another important step to avoid having your account on the receiving end of this type of coordinated attack is having up-to-date antivirus software installed on your computer. Krebs writes that the thieves may have gained access to Ascent Builders' bank logins using malware surreptitiously installed on its computers. And you don't want that to happen to you, especially on Christmas Eve.

What do you think? Do you worry about online thieves draining your accounts? What precautions do you take to prevent that from happening?

Follow me on Twitter: @claesbell.

James Ferguson
February 25, 2013 at 6:54 pm

Does anyone realize just how underpaid bank tellers are? It's human nature that when you have debts and are surrounded by tons of money, you don't think about borrowing some?
To make it plain to everyone, look at the people who are closest to the money. Those are the ones that can be very helpful to the crooks.
There is no great mystery here. Just like with computer viruses; do you think that there are no disgruntled Microsoft employees that don't want to exact revenge on their previous bosses?

February 25, 2013 at 6:50 pm

My account was compromised this weekend. However the dummy account that the funds were transferred to under the name Sean Doyle is traceable. The mistake this idiot made was picking my account to steal from. My only hope is that when I do trace it back to the creator, it is not a kid. He/she probably doesn't deserve what is going to happen to him/her.


February 25, 2013 at 4:51 pm

Hey, take this seriously. A substantial amount of money was taken from our account after our laptop was stolen. Thank God we caught it before the money was released!

February 25, 2013 at 4:11 pm

This is probably a cheap story just to scare some 200,000 people so we can all find a new and expensive way to keep our money close. This story is just a simple business plan.

February 25, 2013 at 4:11 pm

these mules scams are heartless evils!!!

February 25, 2013 at 3:50 pm

I do not worry about hackers gaining access to my funds. I am married with children; I have no funds. I wish a hacker would take over my account for me, he/she just might do better with it than my wife does.

February 25, 2013 at 3:47 pm

My bank account has been tapped into one way or another 5 times in the last 4 years. And every time it was done by individuals who offered incorrect information. One person ran 2 checks through my account that didn't even have my name on them. And when the second one bounced the bank charged me a fee! I'll never understand how a stranger can have easier access to my money than I do. Just proves that they really don't have a handle on preventing these things.

Common Sense72
February 25, 2013 at 3:45 pm

These SPAM emails have been in the news for so long now that people should know enough to avoid them. I am still amazed with the amount of stupidity and the lack of common sense people still have today.

Aside from emails about winning or inheriting millions there are emails from the most common website job boards for "work-at-home" positions. These emails are so obvious when they immediately ask for personal information (home address, age, phone number, and etc...). It is most obvious when the email address of the sender is AOL, YAHOO or some other not containing the name of the actual company and you cannot Google the name of the employer in the USA.

pablo arizan
February 25, 2013 at 3:42 pm

I hate how people try to get ur money with these scams like get a job u bum