The Fraud Blog with Tracy Kitten

Making Progress in the Fraud Fight

ACH Fraud Not Slowing; Response Keeping Pace

Despite widespread industry sentiment that ACH-related fraud is decreasing, a recent survey from the Financial Services Information Sharing and Analysis Center shows that incidents of corporate account takeover are actually up. [See ACH Fraud: The Impact on Banks.]

That revelation does not come as a huge shock. We've been reporting about these takeover events for two years now. And just when we think wire fraud attempts have slowed, we find new reports of successful transfers that drain accounts held by small business customers.

Let's look back to April. Remember that advisory that came out from the Federal Bureau of Investigation, FS-ISAC and the Internet Crime Complaint Center about the rash of unauthorized wire transfers being routed to China? Most of the affected small businesses held accounts with community banks and credit unions, some of which use third-party service providers for online banking services.

Between March 2010 and April 2011, 20 incidents of wire fraud hit small and mid-sized U.S. businesses after online banking credentials were compromised. All of the transfers - typically ranging from $50,000 to $985,000 - were routed to questionable Chinese economic and trade companies located near the Russian border.

And then just last week we saw another takeover incident. This time, a nonprofit in Omaha, Neb., reported being hit with thousands in fraudulent ACH transactions, after one of its employees fell victim to a phishy e-mail, unleashing a malware attack that subsequently provided hackers access to the organization's payroll system.

Interestingly, the Metropolitan Entertainment & Convention Authority, the affected nonprofit, which operates the Qwest Center and other recreational facilities in Omaha, took full responsibility for the attack - an attack that ultimately led to $217,000 in fraudulent funds transfers.

Gartner Analyst Avivah Litan says MECA's admission of responsibility is interesting. Before the attack, MECA allegedly passed on security options offered by its bank, First National of Omaha, including one option that required two employees to sign off on every funds transfer request.

"I think the fact that the customer is taking responsibility is a big change, and is probably a reflection of many of the customer education efforts banks have put in place recently," she says. [See TD Bank on Customer Education.]

And it does appear change is occurring - not on the part of the fraudsters, but on the side of the banks and commercial customers themselves. Banks and commercial customers are more often working together, and are catching fraudulent requests for funds transfers sooner.

FS-ISAC finds that among the 77 U.S. financial institutions it surveyed, 21 suffered from account takeover attempts sometime in 2009 and the first half of 2010. Among those 21 institutions, 108 takeovers were reported during the first 6 months of 2010. In 2009, only 86 takeovers were reported, though FS-ISAC did not say how many institutions were affected.

"Banks and customers are recognizing the situation sooner and are getting into response mode quicker, and so they're able to retrieve the funds before the transactions are irreversible," says Errol Weiss, a member of the FS-ISAC task force that focuses on ACH fraud.

It's clear cyberattacks are not slowing. They've been the catalyst for the Federal Financial Institutions Examination Council's June issuance of updated guidance for online authentication practices recommended for commercial accounts. [See FFIEC Authentication Guidance.]

Everyone knows online security is a problem. Now is the time to collaborate, educate and communicate, and it seems the industry is moving in the right direction.



About the Author

Tracy Kitten


Former Director of Global Events Content and Executive Editor, BankInfoSecurity & CUInfoSecurity

Kitten was director of global events content and an executive editor at ISMG. A veteran journalist with more than 20 years of experience, she covered the financial sector for over 10 years. Before joining Information Security Media Group in 2010, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by CNN.com, ABC News, Bankrate.com and MSN Money.



