Sophisticated fraud scheme is targeting large and medium-sized U.S. companies, bank customers

The Dyre Wolf
IBM has uncovered a new and effective strategy criminals use to compromise consumers’ online banking accounts and send unauthorized wires on their behalf. The scheme, which IBM security researchers have dubbed, “The Dyre Wolf,” is targeting people working in companies by sending spam email with unsafe attachments. If the end user clicks on the attachment to download, the person’s (and company’s) computer are then infected with malware. The sophisticated malware then waits silently until it recognizes that the user is visiting a bank website.

April 7, 2015

IBM has uncovered a new and effective strategy criminals use to compromise consumers’ online banking accounts and send unauthorized wires on their behalf. The scheme, which IBM security researchers have dubbed, “The Dyre Wolf,” is targeting people working in companies by sending spam email with unsafe attachments. If the end user clicks on the attachment to download, the person’s (and company’s) computer are then infected with malware. The sophisticated malware then waits silently until it recognizes that the user is visiting a bank website.

The program then generates a “pop up” screen that the bank’s website is having problems and asks the victim to contact the bank at a specific phone number. If the victim calls the number, the criminals are on the other end acting as the bank and offering “help” when actually gathering the user’s information. This scam results with criminals logging in to the victim’s commercial internet banking account and originating a wire to an unauthorized account. The criminals have also been known to generate a Denial of Service (DOS) attack on the victim’s IT infrastructure to prevent the victim from logging in to his or her internet banking account to delay detection of the fraud.

Please be aware of this scam as it has the potential to make its way to the Valley, as have prior scams.

For your security, F&M Bank does not permit wire originations through internet banking. F&M Bank will also always communicate a website or online banking service interruption in advance on our homepage (www.fmbankva.com), via email to customers, and on its Facebook and Twitter pages.

Read more at Reuters about this scam.