These banking credentials thefts are getting too close to home!

Last Thursday, April 22nd, I read that the outbreak of online bank transfer thefts had hit western Arkansas at the First National Bank of Fort Smith and a local alarm company. I can't help but wonder why these stories are not starting to show up on TV news or local newspapers. It's difficult for business people to take proper actions on their own to protect their financial transactions unless they know about the nature of these crimes.

This morning, I learned from another KrebsonSecurity news story that Aaron Jacobson at  Authentify has posted the list of 43 business victims linked to a Google interactive map. As Krebs points out, these online banking thefts are clustered mostly in the Northeast and Midwest.

My own first thought on viewing the map was for the victims. These business people are trying to pay creditors and make payrolls only to find their bank accounts looted. The thefts are located far enough apart that it's easy for local political news and traffic accidents to push the stories off the front page. These thefts are just quiet, middle-of-the-night online banking transfers. The money moves from a business account to the accounts of several money mules who then forward the cash overseas in return for a small "commission."

There are no smoking guns or violent car chases, so there are no videos on the nightly news, no pictures and no front page stories. I can't help but wonder what the news media would say and what would be the FBI's reaction if the old Dillinger gang or Bonnie and Clyde had hit that many banks across the nation. But under the current banking law, the banks aren't the victims, their newly impoverished individual account holders are the victims!

So honest business people are still losing money with each new incident, bankers bemoan the criminal activity, declare the loss is the business owner's responsibility and the short-handed and short-sighted news media show cute pictures of children playing in the local park. I'll let the bankers, MBA's and lawyers among you sort out the details and the legalities of commercial bank accounts. There ARE ways to prevent this sort of scam and both sides involved in this type of transaction need to use them! See the update at Arkansas is NOT immune to cybercrime!

I'm just sorry that it will take many more local and regional victims before the risks of online banking becomes important enough to reach the front page.