Is Your Local Pizza Parlor a Front for Cybercrime?
If you’re a Pittsburgh resident or familiar with the area, take a look at the map below. Recognize any of these pizza parlor locations?
The owner of one of these restaurants was linked to the recently discovered Operation High Roller financial fraud cyberattacks.
Operation High Roller is a global financial fraud ring discovered this year by the researchers at McAfee Labs. It targets high-net bank accounts, which could mean bad news for families saving for a house, retirement, or anyone who owns their own business. Fronts for these attacks can be found anywhere – from your local pizza parlor to the house next door.
Our research team is extremely interested in these attacks, because it’s a type of fraud never seen before. What’s unique to Operation High Roller is that attacks are done automatically. There is no cyber criminal lurking in the dark. Computers do all the work, using a sophisticated virus to bypass bank security and conceal withdrawals in bank statements. This means that criminals can move faster, and they can drain bank accounts of almost any amount without immediate detection.
How hackers get in, and how you can protect yourself:
Here’s a rundown of how the criminals behind Operation High Roller take advantage of victims, and what you can do to fight back every step of the way.
Step 1) Hackers send a phony email asking you to change your online banking password.
The image below is of an actual scam email sent to an Operation High Roller victim.
The link inside the email takes you to a malicious site, where the Operation High Roller virus will automatically download onto your computer.
How to Fight Back: Never click on links in emails or texts from an address you don’t know, and be extremely suspicious of any email asking you to reset or confirm a password, unless you personally prompted the request. If you have doubts, call your bank to confirm the change, and always use the phone number or contact information listed on your bank’s main website.
Step 2) The virus steals information from your bank’s website.
Once the virus has been downloaded to your computer, the next time you log on to your bank’s website, the virus inserts extra fields or notifications into the browser. For example, you might see a fake “please wait” screen while the virus collects your bank account information.
How to Fight Back: If your bank website suddenly changes its look, asks for different or new login information, or gives you strange popup messages, contact your bank immediately. Use the phone number or contact information listed on your bank’s main website, never an email link, and report the changes right away. If the activity is suspicious, the bank can immediately place a fraud alert on your account and stop the virus from completing its mission.
Step 3) Operation High Roller complete: Goodbye, savings!
Once the Operation High Roller virus has stolen all of your bank account information, it can automatically (no hacker required) log into your bank website and transfer as much money as it wants out of your accounts.
What is especially clever about this process is that the virus can actually hide evidence of the attack – erasing any transfer confirmation emails and changing the account balance on your statements. It’s a beautifully executed hit-and-run operation, which is why these attacks are so dangerous.
How to Fight Back: Always review printed bank statements for unusual transactions and report any suspicious activity to your bank as soon as possible. You can also double-check the activity on your bank’s mobile app via your smartphone or tablet to ensure that what you’re seeing is accurate.
Bottom Line: Cybercriminals are smart, but you can stay one step ahead.
Just as hackers have automated their game, users at home will always need an extra layer of protection just in case a malicious email gets through. Just this week, we announced new enhancements to McAfee All Access 2013, which provides advanced protection for all devices in the home – from your desktop computer to your smartphone and tablet.
To learn more about Operation High Roller and what you can do to keep your bank accounts safe, check out the infographic below, and be sure to follow us on Twitter with @McAfeeConsumer.