According to V3.co.uk, the FBI’s Internet Crime Complaint Center is warning that SMBs are increasingly being targeted by phishers, who have sent over $20 million in banking funds into Chinese accounts. The center has tracked a series of fraudulent transfers to the Heilongjiang province in China, which is near the Russian border.
Attackers use Zeus, Spybot or other malware to push code onto the victims’ computers and harvest banking information, which is then sent to seemingly legitimate Chinese business accounts. According to the FBI:
The unauthorized wire transfers range from $50,000 to $985,000. In most cases, they tend to be above $900,000, but the malicious actors have been more successful in receiving the funds when the unauthorized wire transfers were under $500,000.
The attacks are highly organized. Even though the money is sent to China, it is not known who is behind the attacks, or even if the stolen money stays in China.