Recently, anti-money laundering officers at credit unions were spear phished. Many suspect the National Credit Union Administration (NCUA), an independent federal agency that insures deposits at federally insured credit unions was breached.

According to KrebsonSecurity:

The USA Patriot Act, passed in the wake of the terror attacks of Sept 11, 2001, requires all financial institutions to appoint at least two Bank Secrecy Act (BSA) contacts responsible for reporting suspicious financial transactions that may be associated with money laundering. U.S. credit unions are required to register these BSA officers with the NCUA.

On the morning of Wednesday, Jan. 30, BSA officers at credit unions across the nation began receiving emails spoofed to make it look like they were sent by BSA officers at other credit unions.

The missives addressed each contact by name, claimed that a suspicious transfer from one of the recipient credit union’s customers was put on hold for suspected money laundering, and encouraged recipients to open an attached PDF to review the suspect transaction. The PDF itself comes back clean via a scan at Virustotal.com, but the body of the PDF includes a link to a malicious site.

Thankfully, as is often the case the emails contained grammatical errors and email addresses which were not tied to the credit union credited with sending the message.

We reported that the government shutdown could increase cybersecurity risk and later detailed the top 10 cybersecurity risks of the government shutdown.

The U.S. Secret Service has recently said they have observed a noticeable increase in large-scale phishing attacks across the industry. The NCUA and Treasury Department both say their systems were not compromised via electronic attacks. However, number eight on our list of threats was the following:

Insider threats are very real and less likely to be detected without a full IT and cybersecurity staff. Just recently, Baltimore experienced an insider threat and had to fire an IT worker as a result.

Even this explanation though may not make complete sense as it is tough to understand the trail of a U.S. employee stealing contact information and it somehow falling in the hands of hackers who used poor grammar.

What is clear however is the government shutdown did reduce the cybersecurity of many government systems meaning databases could have been compromised. This, in turn, means cybercriminals can be far more targeted.

Sadly, this means phishing attacks which are generally not targeted can become targeted spear phishing attacks with potentially more victims.

Keep your business safe.

Phish360 Phishing simulation and training, reduces successful phishing attacks.

Also, every company should hire an experienced MSP or MSSP like Apex Technology Services to audit their cybersecurity.