The National Bank of Blacksburg in Virginia has been under the influence of two major phishing attacks in recently.   These attacks resulted in a loss of $2.4 million.

For those who are not aware, phishing is another form of cyber-attack in which the cybercriminals gain access to the login credentials of banks or financial institutions for the purpose of installing malware or stealing data. In a typical phishing attach scenario, fraudulent emails are sent to employees. The emails are contain attachments with malicious documents or links, which when opened, could result in the installation of the malware in the system.  Alternatively, when fraudulent links are sent through emails, the employees are usually directed to fake websites where they are fooled into disclosing confidential login credentials.

The first phishing attack took place against Blacksburg Bank on May 28, 2016. Under this phishing attack, malware software was installed on the systems of the bank. This gave the cybercriminals access to the STAR Network which is the system of the bank that is responsible for managing ATM debit cards. Once the attackers gained access to the bank’s STAR Network, they changed the balances of the accounts and removed the existing security measures such as anti-fraud protection and anti-theft measures.   They also enabled unauthorized withdrawals from the accounts of the customers through ATMs and conducted keystroke logging.

In the span of two days the attackers successfully withdrew maximum total withdrawals from several ATMs across the country. The total amount that was stolen from the bank through this technique was approximately $569,648.24.  All of this was made possible without access to the physical ATM cards or making use of skimmers for stealing bank account card information.

This destructive malware in the bank’s system was detected on May 30, 2016. The cyber attack was investigated by the leading computer forensic firm, Foregenix.   This firm was able to determine that the malware program got installed on the systems with the help of an employee who was deceived by the phishing email.

Also, check out the Social Engineering attacks.

Just after 8 months of this phishing incident, on January 7, 2017, another similar phishing attack happened against the bank. This attack involved the cybercriminals gaining access into the bank’s STAR Network.  This time, the attackers were able to steal $1.8 million from the customer bank accounts. Verizon investigated the case and concluded that the malware breach happened due to yet another employee being deceived by an email scam.

These phishing attacks and incidents reveal that it is quite easy for employees to fall prey to phishing schemes.  Organizations should train their employees to stay alert regarding phishing schemes and alert IT administrators of any suspicious emails or attachments received at work.