Wallingford, CT - January 26, 2011 – Connecticut BBB is issuing an alert that e-mails containing malware are being sent to businesses concerning their online job postings. The Federal Bureau of Investigation (FBI) reports that cybercriminals engaging in fraud involving Automated Check Handling (ACH) and wire transfers are targeting businesses by responding via e-mail to employment opportunities posted online.
According to the FBI, more than $150,000 was stolen from a U.S. business via an unauthorized wire transfer as a result of an e-mail containing malware. Malware is malicious computer code that can destroy computer files, turn a computer into a SPAM server and harvest computer owners' logins and passwords while browsing the Internet.
The malware was embedded in an e-mail response to a job posting the business placed on an employment website and allowed the attacker to obtain the online banking credentials of the person who was authorized to conduct financial transactions within the company. The malicious actor changed the account settings to allow the sending of wire transfers, one to the Ukraine and two to domestic accounts. The malware was identified as a Bredolab variant, svrwsc.exe.
This malware was connected to the ZeuS/Zbot Trojan, which is commonly used by cyber criminals to defraud U.S. businesses.
Employers should stay up-to-date on their virus protection. Running a virus scan prior to opening any e-mail attachments from a potential employee could provide more security.
The FBI recommends businesses use separate computer systems to conduct financial transactions. Anyone who believes they have been a target of this type of attack should contact their financial institutions, the FBI, and report it to the IC3's website at www.IC3.gov