What's happening: News continues to surface of businesses being hit by cybercriminals. This story is particularly bad in that the company and the bank had strong technology in-place (multifactor authentication) designed to prevent this kind of attack. Unfortunately, an employee missed a clear danger signal.
What it means: Cybercriminals can get by the best technology in the world when employees aren't sensitive to the danger signs.
What to do: Check bank transactions daily. Consider a separate PC used only for on-line banking. Train staff to recognize on-line danger signs. Check your cyber-insurance. Be prepared to sue your bank: email our Guide An Emerging Information Security Minimum Standard of Due Care to your attorney.
***********************************
Brian Krebs; Washington Post: Organized cyber thieves are increasingly looting businesses in heists that can net hundreds of thousands of dollars. ... In mid-July, computer crooks stole $447,000 from Ferma Corp., a Santa Maria, Calif.-based demolition company, by initiating a large batch of transfers from Ferma's online bank account to 39 "money mules," willing or unwitting accomplices who typically are ensnared via job search Web sites into bogus work-at-home schemes.
http://voices.washingtonpost.com/securityfix/2009/09/cyber_theives_steal_447000_fro.html#more