Tuesday, February 12, 2019

Phishing Attack Targets CU AML Officers

Krebs on Security is reporting that on January 30 a highly targeted, malware-laced phishing campaign landed in the inboxes of anti-money laundering (AML) officers at multiple credit unions.

The USA Patriot Act requires all financial institutions to appoint at least two Bank Secrecy Act (BSA) contacts responsible for reporting suspicious financial transactions that may be associated with money laundering.

These BSA contacts at credit unions are registered with the National Credit Union Administration (NCUA). This information is not publicly available.

Given the targeted nature of the spear phishing attack, some within the credit union industry speculated that NCUA may have been compromised.

However, NCUA denied the allegation. NCUA in a February 8 press release stated:
"Upon learning of the recent spear phishing campaign targeting Bank Secrecy Act officers at credit unions, the NCUA conducted a comprehensive review of its security logs and alerts. This review is completed, and it did not find any indication that information was compromised."

It appears that the spear phishing campaign has spread beyond credit unions to other financial institutions.

This does raise the question: how did these phishers obtain this non-public information about BSA officers?

2 comments:

  1. Does any other entity have this information?

  2. Yeah... FinCEN.
    ...And every single FI/Person who is registered for 314b sharing can download the full list at any time.
    Including *GASP* ...bankers...
