Cyberthieves are using denial-of-service attacks to prevent corporations from discovering that their bank accounts have been raided, Brian Krebs reported Wednesday at krebsonsecurity.com.
Denial-of-service attacks aim to shut down websites by overwhelming them with more traffic than they are designed to handle. In some instances, "as soon as thieves wired money out of a victim organization's account, the victim's public-facing Internet address was targeted," making it impossible for employees to use the Web, Krebs wrote.
The attack begins by first infecting the organizations through malware distributed via phishing emails, he wrote. The recent incidents used emails impersonating Nacha, the electronic payments association. Only after the victim company is infected — and money has begun to leave its accounts — does the denial-of-service attack hit.
The thieves have also targeted banks directly, Krebs wrote. This strategy may increase the chance that a scam is noticed, since the denial-of-service attacks are so blatant, but the Federal Bureau of Investigation says the thieves may be hoping that the company is so distracted by the cyber-attack that it does not catch the bank fraud in time to reverse it.