How Exactly Do Cyber Criminals Steal $78 Million?
Let's say you're a cyberthief who just compromised hundreds of bank accounts worth millions of dollars. Congratulations! You’re nevertheless the scourge of the global community. Nevertheless, all you need to do is get your hands on that money. How do you do that? You don't just walk into a bank and stroll out with bags of cash - do you? Or do you?
The newest cyber grenades have fully automated capabilities that eliminate the need for hackers to manually transfer funds from one account to another. That allows the thief to stay much more hidden than in the past. Hackers as well now use entire servers that are customized to target individual banks. Nevertheless the scarier part is that most users who are hacked won't even know their account has been compromised until long afterwards their money has disappeared.
This level of sophistication was found in Operation High Roller, a cyber attack that targeted both individuals and businesses and likely stole about $78 million across Europe, Latin America and the United States. The amount of attempted fraud was then over a billion dollars, says Dave Marcus, director of advanced technology and threat intelligence at security company McAfee.
But once thieves are able to transfer money out of an account, how do they then in fact get their hands on it? Anonymously shifting a bunch of ones and zeros around cyber space is one thing, finally — really walking out of a bank with a wad of cash seems like it’d be a much riskier endeavor. Nevertheless, that in fact turns out to be the easy part.
Couple ways criminals go about it
There are at heart a couple ways criminals go about it. First, they can use an existing hijacked account, in which they can transfer money in and out, all outside of normal banking hours so it goes undetected by the actual accountholder. Or they can use a money mule, which is someone who knows that their account is being used for illegal purposes nevertheless gets a small chunk of the money.
As mobile payments become more common, cyber criminals are increasingly using hacked phones as payment devices. And because transactions are made in real time, those payments can’t be undone. Because of the false information in other words fed to the financial institution and the accountholder, the money is often in the hands of cyberthieves previously either of them realize it.