Last week arrests of 19 people in London has Scotland Yard's special electronic crimes unit unraveling what appears to be a online banking scheme that stole at least $9 million from thousands of banking customer accounts.
Police say that for the last three months the accused criminals, 15 men and four women, infected the customers' computers with a Trojan computer virus known as Zeus, designed to steal banking credentials from unsuspecting users. The $9 million taken may go higher as the investigation continues. Another 37 arrests in the U.S. happened on Thursday.
In November, Scotland Yard arrested a man and a woman in Manchester after they were accused of infecting computers with malware similar to Zeus. At the time, police said the two were the first people to be arrested on suspicion of using this type of malware to steal money from bank accounts. Police and malware researchers warn that Zeus, also known as Zbot, is a worldwide threat. It's attacks have increased in number, and the sophistication of attacks is increasing as well.
In May, the Anti Phishing Working Group released a report showing that Avalanche, the same electronic crime syndicate behind two-thirds of the phishing attacks detected in the last half of 2009, was linked to a rash of incidents targeting small and mid-size businesses. Avalanche successfully targeted some 40 banks and online service providers, as well as vulnerable or non-responsive domain name registrars and registries.
The individuals and businesses were hit with the Zeus Trojan, which was embedded in the phishing e-mails. Businesses that were attacked then became victims of fraudulent automated clearing house and wire transactions, as the criminals posed as employees of the business, moving thousands of dollars to overseas locations.
Banks must implement a dual strategy: increased controls and detection at their servers and deployment of secure endpoints and strong authentication to customers.