Fraudsters Busted for Attacks on Bank of America

There has been a fair amount of press about a fraud ring that was broken up by the FBI. The ring defrauded Bankf of America out of an estimated $350,000. Hats off to BofA and the FBI for catching these yahoos.

I included several links with more information about the attacks. There isn't a ton of detail about the attacks, but the attackers did definitely perform some of the illicit transactions through voice contact centers. The attackers used mules to create new bank account and them presumably used social engineering and fraud to trick agents into transferring funds into the new accounts.

As I have said before, attackers are much better armed on these attacks than ever. It is easy for them to spoof their caller ID and have basic personal information about the target users account. It just isn't that hard to get social security numbers, dates of birth, etc. Even if the attackers only had some of this information, they can make repeated calls and either gather more information and/or find an inexperienced agent.

I don't say it enough, but SecureLogix has solutions that detect this sort of issue in real-time. For more information see us at SecureLogix's Web Site

Here are some links. Note that the last link is to a blog post from TrustID, a company specializing in caller ID validation and a partner of SecureLogix.

http://www.bankinfosecurity.com/takeover-scheme-targets-bank-america-a-5042?rf=2012-08-17-eb&elq=65029319302b4de4aae703a41f91dbe5&elqCampaignId=4244

http://www.darkreading.com/identity-and-access-management/167901114/security/attacks-breaches/240005797/seven-indicted-in-bank-of-america-scam.html?cid=nl_DR_daily_2012-08-20_html&elq=de749301232e48a8a6947068c3520987

http://www.fbi.gov/detroit/press-releases/2012/seven-people-indicted-for-bank-of-america-account-takeover-scheme

http://www.trustid.com/blog/