Masquerading Presents New Threats to Banks and Their Clients

A new impersonation scheme known as masquerading is focusing on C-level executives to commit ACH and wire fraud. Federal authorities and researchers have been issuing warnings about these attacks. Masquerading involves hackers infiltrating e-mail networks to perpetrate fraud and cyber-espionage resulting in the takeover of a C-level executive’s e-mail account. The hackers then literally “masquerade” as the executive, convincing lower-level employees to share confidential information or schedule fraudulent wire and ACH transfers. These attacks are generally waged against a bank’s commercial customers and not necessarily against the bank itself. The attacks may include spear-phishing, to takeover a legitimate e-mail account, or it may involve creating a similar domain, so that fraudulent e-mails appear to be legitimate.

Once cybercriminals have control of an executive’s e-mail account, they use it to send out e-mails to lower-level employees or even bank staff instructing them to perform some task with a sense of urgency. Because of that urgency, typical security practices are often ignored. Posing as company executives, the criminals could send e-mails to the bank to request wire transfers from the business’s account to a bogus account, often outside the U.S., controlled by the criminals. The best way for banks to protect against these scams is through increased security procedures when making wire transfers.

The Internet Crime Complaint Center in late June issued a warning concerning how attackers were increasingly targeting corporate and cloud-based e-mail accounts and networks to schedule fraudulent wire transfers. Security firm Palo Alto Networks has also issued an alert on the use of remote-administration tools (i.e logmein) being used to infiltrate systems and take over corporate credentials.


Education Is Key

While security controls and enhanced authentication can help to thwart these attacks, commercial customers must focus more attention on educating their employees about how to prevent these schemes from being effective. Implementing dual controls on the customer’s end will also help. Masquerading is essentially a social-engineering mechanism carried out through technology. It’s similar to what was seen years ago as criminals were attacking banking systems. Now however, instead of attacking the banking systems directly or trying to fool the banks, they are using masquerading e-mails to fool a business’ employees into scheduling a fraudulent wire transfers.


If you’d like to learn more about masquerading and how you can help keep your customers and your bank safe, call ITPAC today.