Even though Brian Krebs, author of the Krebs on Security blog, knew that the Town of Eliot, Maine, was likely to have its account raided by cyber thieves, he was unable to stop it.
Krebs wrote on his blog Tuesday that he heard from a "money mule," a person hired to move money from a compromised account, that a transfer was being made from Eliot's account. Krebs said he warned the town, which warned its bank, TD Bank, that the account was likely compromised. TD later notified the town of a suspicious group of transfers totaling $28,000 but "dropped the ball" in failing to block the transfers, Krebs wrote.
TD spokeswoman Jennifer Morneau would not discuss the incident with Krebs or with American Banker for reasons of customer privacy.
Norma Jean Spinney, the town controller, said the bank requires a user name, password and the answer to a challenge question for account access. Krebs noted that these methods are no longer considered adequate for protecting business accounts, according to new rules from the Federal Financial Institutions Examination Council.
A forensic analysis determined that Spinney's computer was infected by two malicious programs when the transfers occurred. Krebs advises using an operating system other than Windows for account access. "The attacks I've written about to date involved malware that will not run on anything but a Windows PC," he wrote.