Sophisticated fraud uses hacked bank information to steal millions from customer accounts

While investigators continue to measure the damage from a massive cyber-attack believed to have originated in Russia, a new warning shows how valuable that compromised information can be.

IBM cyber-investigators say they uncovered a sophisticated theft ring that accessed tens of thousands of previously-hacked bank accounts, in the US and Europe.

The crooks were able to electronically impersonate the digital phones connected to those online and mobile-accounts, match usernames and passwords, then drain them of millions of dollars.

RELATED: Increase in cybercrime shows importance of secured devices
IBM's security researchers say, "The scale of this operation is one that has never been seen before."

Houston tech-expert, Juan Guevara Torres says it's a perfect example of how valuable basic bits of information can be to cybercriminals. "Once they have that, then they can start guessing where you bank, where you go, what activities you do," he says, "With all that information, I can spoof your identity and completely hack your life."


To help protect yourself, experts recommend:

Strong passwords, and using multi-factor authentication that can help slow potential crooks.

Be aware of phishing attempts that can load malware onto your devices.

Review bank statements at least once a month to spot any fraudulent activity because the threat will not go away.

"You have to protect your digital-self exactly the same way you protect your real-self," says Guevara Torres, "Your digital-self, our digital selves, are under attack."
IBM does not identify which banks were affected, or the time-frame they were hit but says those institutions have been notified. While the initial attack was stopped, researchers believe the operation appears so sophisticated that another attack is probably already underway.