Anti-malware specialists McAfee have reported that Operation High Roller – a wire transaction fraud scam – has targeted the Single Euro Payments Area (SEPA) payments network. The criminals have moved from their target of wire transfers to SEPA transactions – more attractive because of their cross-border nature.
Their latest attack targeted German banks, using an Automated Transfer System (ATS) designed to fit SEPA payments. “The malicious “webinjects” target two German banks with a specially crafted JavaScript payload deployed to about a dozen of their online banking customers that have SEPA as an option, keeping this attack very targeted in nature,” McAfee explains.
The problem with this kind of attack is that it remain undetected for a period of time – the malware hides security alerts. Moreover, the attacks only target a few customers at a time making them even harder to detect. The fraudsters also updated their old code, making sure there is a minimum of €1,000 for a single transaction and a maximum of €100,000.
McAfee estimates that one of the targeted banks had suffered €61,000 in attempted SEPA transactions to mule accounts. They remain highly pessimistic and do not think Operation High Roller will disappear any time soon.