Banking Blog

Finance Blogs » Banking Blog » Hackers empty $900K bank account

Hackers empty $900K bank account

By Claes Bell ·
Monday, February 25, 2013
Posted: 9 am ET

In itself, a distributed denial of service, or DDoS, attack on a bank's website is little more than costly hooliganism. It essentially consists of hackers ordering a bunch of malware-infected computers to "click" on a bank's website until it's too overwhelmed to respond to legitimate users.

The effect is pretty similar to a barricade across the entrance to your bank: You can't get in, but your money is still safe inside the bank.

But what if thieves used a DDoS attack as cover for a more harmful attack that did actually compromise customer checking accounts? That appears to be exactly what happened to a customer of Bank of the West, according to a report from security blogger Brian Krebs:

A Christmas Eve cyber-attack against the website of a regional California financial institution helped to distract bank officials from an online account takeover against one of its clients, netting thieves more than $900,000.

At approximately midday on Dec. 24, 2012, organized cyber crooks began moving money out of corporate accounts belonging to Ascent Builders, a construction firm based in Sacramento, Calif. In short order, the company's financial institution -- San Francisco-based Bank of the West -- came under a large distributed denial of service (DDoS) attack …

There were 62 individuals suckered in to acting as "mules" for the stolen money, according to Krebs.

It's standard operating procedure for scammers to recruit unsuspecting individuals and businesses ("make big money working from home!") to accept a substantial deposit from thieves and wire the bulk of it overseas, keeping a portion for themselves as payments. Typically, the money clears and the mule completes the transfer, only to have the authorities catch up with them and claw back the money, leaving them on the hook for most of the losses.

Obviously, you never want to agree to accept and transfer cash as these mules did. Aside from the legal implications of engaging in what amounts to money laundering, what good are promised payoffs if they're going to be clawed back later?

Another important step to avoid having your account on the receiving end of this type of coordinated attack is having up-to-date antivirus software installed on your computer. Krebs writes that the thieves may have gained access to Ascent Builders' bank logins using malware surreptitiously installed on its computers. And you don't want that happen to you, especially on Christmas Eve.

What do you think? Do you worry about online thieves draining your accounts? What precautions do you take to prevent that from happening?

Follow me on Twitter: @claesbell.

Bankrate wants to hear from you and encourages comments. We ask that you stay on topic, respect other people's opinions, and avoid profanity, offensive statements, and illegal content. Please keep in mind that we reserve the right to (but are not obligated to) edit or delete your comments. Please avoid posting private or confidential information, and also keep in mind that anything you post may be disclosed, published, transmitted or reused.

By submitting a post, you agree to be bound by Bankrate's terms of use. Please refer to Bankrate's privacy policy for more information regarding Bankrate's privacy practices.
the king
March 06, 2013 at 10:52 pm

i went througth this in 2006 and lost $856,000.00 and the bank only had to pay out in 90 days 10% or $85,600.00 and i lost everthing ...the person was from another country and was working here on a green card and own a company . the whole story is the internet is a big loss to americans for we save and work hard to loose it all to another person in the world and cannot do anything to them ....chapter 7 is a hard thing to get over and the loose of all i worked for is also hard at 60 years old they say BEEN THERE AND DONE THAT !!! the king

March 06, 2013 at 3:49 pm

The old adage applies here; if it looks to good to be true it probably is. There are scams like this on the Internet every day and unfortuantely allot of people down on their luck get caught up in it. It's easy to see why. The promise of easy money for simply transferring funds is a temptation many fall for if they are on hard times...paying the mortagage, food on the table, no work and unemployment has run out, an opportunity to get finances caught up etc. We need more government oversight or a means for the average computer user to track down where offers of these type originate from. Then we need the ability to track and take them down-even if it requires International agreements.

Leah Eisen
March 05, 2013 at 3:19 pm

Christmas Eve I reported to FBI, Bank of America security officials of a wide scale effort to obtain sun numbers from its customers who were calling the 800 number on the back of their bank cards. I was trying to check my balance to make sure I didn't OD my account while making last minute purchases.

I was repeated asked for my SSN# which I was told by BofA never to provide.

FBI, SM Police, and BofA all stated no crime existed and they could do nothing!!!!

I was amazed at how they all seemed to be helping instead of preventing a possible crime in progress.

The "New" programming dept at BofA doesn't need to ask nor should we have to provide this information via the telephone or online. Our Security Questions should suffice, when I stated I would rather provide answers to my security questions the operator hung up. She was obviously not a BofA professional!

March 05, 2013 at 2:36 pm

So William, now liberals are accused of being greedy? So basically if anything goes wrong, it must be the liberals? You are a complete idiot.

March 05, 2013 at 7:39 am

And FDIC will only pay to the amount of $250,000.00

March 04, 2013 at 2:15 pm

Most business owners do not understand that many of the rules protecting consumer accounts do not apply to business accounts. The most important set of rules is called Regulation E as in "Electronic".

If you have a business account and use it to pay vendors or employees via ACH and are hacked such that your money is redirected to another bank account, your Bank is not responsible for the losses. You are responsible for the protection of your PC, network, Mac, smartphone, etc., and any commands issued by your login credentials are your responsibility.

My advice is to make sure your business is protected with a cybercrime theft policy that covered Account Takeover Fraud (which is what the industry calls this type of theft). Your general liability policy will not cover such losses. Or, consider a lower priced protection program from vendors such as EFTGuard, which offers substantial protection but at a reasonable rate.

March 03, 2013 at 11:53 pm

William - hopefully you're a troll but, if not (and maybe if so), you could benefit from anti schitzo meds.

Stephen W. Anderle
March 03, 2013 at 11:24 pm

What a bunch of Donkeys! Did they ALL really think this was legal? I turned in a guy was doing this. He sent me a M.O. for 900.00 It had been cashed 2 months before for 500.00!! He lives in Florida !! And has a helper in California mailing out these copies, ( They are very good copies!), and people are supposed to use some for shopping and wire him 500.00 by Western Union. Why hasn't the government stopped him?? He's doing this for 30 years!! It is called the Pickens scam. That's his name, or at least the one he uses!!

John Larson
March 03, 2013 at 4:07 pm

I use Puppy Linux on a live cd and I don't mount my hard drive

March 03, 2013 at 9:38 am

Sounds like the Govertment to me. The Liberals who want everything for nothing & stealing more of it money every day.higher prices on everything means more money for the liberals.