Hackers empty $900K bank account

By Claes Bell, CFA · Bankrate.com
Monday, February 25, 2013
Posted: 9 am ET

In itself, a distributed denial of service, or DDoS, attack on a bank's website is little more than costly hooliganism. It essentially consists of hackers ordering a bunch of malware-infected computers to "click" on a bank's website until it's too overwhelmed to respond to legitimate users.

The effect is pretty similar to a barricade across the entrance to your bank: You can't get in, but your money is still safe inside the bank.

But what if thieves used a DDoS attack as cover for a more harmful attack that did actually compromise customer checking accounts? That appears to be exactly what happened to a customer of Bank of the West, according to a report from security blogger Brian Krebs:

A Christmas Eve cyber-attack against the website of a regional California financial institution helped to distract bank officials from an online account takeover against one of its clients, netting thieves more than $900,000.

At approximately midday on Dec. 24, 2012, organized cyber crooks began moving money out of corporate accounts belonging to Ascent Builders, a construction firm based in Sacramento, Calif. In short order, the company's financial institution -- San Francisco-based Bank of the West -- came under a large distributed denial of service (DDoS) attack …

There were 62 individuals suckered into acting as "mules" for the stolen money, according to Krebs.

It's standard operating procedure for scammers to recruit unsuspecting individuals and businesses ("make big money working from home!") to accept a substantial deposit from thieves and wire the bulk of it overseas, keeping a portion for themselves as payment. Typically, the money clears and the mule completes the transfer, only to have the authorities catch up with them and claw back the money, leaving them on the hook for most of the losses.

Obviously, you never want to agree to accept and transfer cash as these mules did. Aside from the legal implications of engaging in what amounts to money laundering, what good are promised payoffs if they're going to be clawed back later?

Another important step to avoid having your account on the receiving end of this type of coordinated attack is having up-to-date antivirus software installed on your computer. Krebs writes that the thieves may have gained access to Ascent Builders' bank logins using malware surreptitiously installed on its computers. And you don't want that to happen to you, especially on Christmas Eve.

What do you think? Do you worry about online thieves draining your accounts? What precautions do you take to prevent that from happening?

Follow me on Twitter: @claesbell.

147 Comments
Sal
March 20, 2013 at 1:16 pm

The drive-by web infections are the ones that scare me. Exploits are so crafty these days.

Jon
March 19, 2013 at 5:36 pm

Information Week did a recent Small & Medium business magazine and named Corporate Account Takeover Fraud the #1 threat to Small & Medium Businesses.

This type of fraud is not identity theft. The cyber criminals take over your online banking credentials and then send payments to money mules using ACH or Wires. This type of fraud does not affect individuals (as your Bank is obligated to refund your losses under Regulation E), only business accounts.

If you are an owner, CFO, or bookkeeper, you need to buy a crime policy from your insurance agent or consider account takeover fraud protection from EFTGuard.

Don't take the risk.

mike
March 19, 2013 at 3:17 pm

Save the computers for news, research, weather, and most importantly SPADES... got to play SPADES. After all, as a former hacker with hacker friends, most of which once worked for Google or Microsoft anyways, they know all too well anything having to do with important info or money should be done via your foot on the gas pedal... not your hand on the mouse.

Steve
March 19, 2013 at 12:44 pm

The only safe way to do financial transactions online is to boot your computer from a live Linux CD and then do your banking.

David Hightower
March 18, 2013 at 9:04 pm

The only way this will ever stop is when the penalty is so severe no one will dare. It's just the same as robbing a bank. Sentencing should match the crime. This was nearly $1M, so life without parole would be fair. Over $1M, solitary confinement for 25 years.

Slim
March 18, 2013 at 3:15 pm

It's not a matter of IF it will happen to each of us - it's a matter of WHEN!

susan
March 17, 2013 at 2:17 pm

I have a laptop separate from my PC that I use for all financial-related stuff. I never surf on the laptop so I don't expose it to webpages I don't know anything about. Plus, I have Avast, SUPERAntiSpyware, and Microsoft antivirus running automatically, and also clean out my registry periodically on the laptop as well as my PC. I have the laptop using the same DSL as the PC and want to put in a wireless connection so I can stream to my TV. I'm a little concerned that makes the laptop more vulnerable.

Ralph
March 16, 2013 at 11:37 am

Like a lot of people, I spend all my money and leave none for hackers.

Bert
March 15, 2013 at 10:52 am

Dave, you can't be too careful. Safeguard your SS, your ONLINE ID also. Oh, the last car you bought and your DRIVER'S ID also. ALL paper trails are open for ID theft. Your birth records are and have been broken into. GOOOD LUCK.

Bert
March 15, 2013 at 10:46 am

Good for you, DAVE.