Noting "a significant increase" in ACH fraud targeting small and midsized bsuinesses recently, the FBI says the ripoff typically begins with a spear phishing expedition that delivers malware via either e-mail or a link to the business's computers.
Once the malware takes up residence, a keylogger harvests the company's financial information.
Armed with legitimate banking credentials, the crooks establish new payroll accounts, the recipients being themselves of course, and authorize transfers of thousands of dollars, often using work-at-home processing services (who think they're working for legitimate businesses) to bank the booty, then wire it to the overseas criminals.
ACH is growing as a cybercrime target for the same reason it's growing as a business subject: convenience.
Because the payroll withdrawals are kept under $10,000, they don't set off currency transaction alarms that would, at the least, slow down the automated process.
Using work-at-home transaction processors (money mules) keeps the process, and the cash, flowing.
Working with the National Cyber-Forensics and Training Alliance (NCFTA), the Bureau is issuing strong warnings about the scam, which we can expect to continue picking up steam.