Scammers Transfer $11 Million Stolen from SMBs to China

Attackers attempted to wire more than $20 million stolen from SMB accounts to accounts in China over the past year and successfully transferred $11 million, according to the FBI.

Scammers successfully transferred more than $11 million stolen from small and midsize businesses to companies in China in the past year, according to the FBI.

Cyber-criminals stole banking credentials from companies and public institutions in the United States to fraudulently wire millions of dollars to Chinese companies, warned the FBI in a fraud alert issued April 26. There were 20 such incidents between March 2010 and April 2011, in which the attackers attempted to steal $20 million and succeeded in stealing about $11 million, according to the federal agency.

In most cases, the thieves use phishing emails or rogue Websites loaded with data-stealing malware to compromise the computer of someone within the targeted company. When the victim, who generally has the authority to initiate funds transfers, tries to log into the Website, he or she is redirected to a page claiming the site is under maintenance.

At this point, criminals use the stolen log-in credentials to transfer money from the victims' accounts to intermediary accounts at a different United States bank, often located in New York. The funds are then transferred overseas to an account owned by one of the "economic and trade companies" located in China's Heilongjiang province. The stolen money is immediately withdrawn or transferred again from that Chinese account, the FBI said.

"It is unknown who is behind these unauthorized transfers, if the Chinese accounts were the final transfer destination, or if the funds were transferred elsewhere, or why the legitimate companies received the unauthorized funds," said the advisory. The FBI alert listed both the Agricultural Bank of China and the Industrial and Commercial Bank of China.