Security & Fraud

Cybercrooks’ Latest Trick: Steal Less Money

Cyber Criminals Are Trying To Steal Less Money To Avoid Detection

A report by Bloomberg said that after one of the biggest cyber heists in history involving the theft of $100 million from the Bangladeshi central bank’s account in the U.S. Federal Reserve, criminals are now vying for smaller amounts in an attempt to avoid detection.

The amount of money stolen in 2018 averaged between $250,000 and $2 million, which is down from amounts in the tens of millions, according to a report by interbank messaging service SWIFT.

About 83 percent of all fraudulent transactions were to banks in the Asia-Pacific region, and the lenders targeted were in countries that are considered highly corrupt, including Tajikistan, Mozambique and Afghanistan.

“The higher the value of the instruction, the higher the risk of triggering fraud-detection systems,” SWIFT said in the study. “Since the cyber incident in Bangladesh, the amounts sent in individual fraudulent transactions have evolved, making them harder to detect.”

SWIFT has upwards of 11,000 global members, and created a set of measures for protection after a swath of electronic heists in 2016, many of which targeted the central bank of Bangladesh. SWIFT has also provided banks with technology to notice abnormalities in wire transfers.

In addition to the lower amounts that cyber criminals are trying to steal, they’ve also been sending the orders during daytime hours in an attempt to blend in with normal daily traffic.

Before, criminals would send the orders on holidays or after banking hours in the hopes of avoiding detection.

In other SWIFT news, the organization announced on February 12 that it opened its Know Your Customer platform, the KYC Registry, to corporate groups.

In a press release, SWIFT said that all 2,000 SWIFT-connected corporate groups can join the KYC Registry to upload, maintain and share their Know Your Customer information with banks.

According to SWIFT, enabling corporates to join the KYC Registry will be transformative for the companies that use multiple banks. As it stands, SWIFT said major companies use a range of banks located in different jurisdictions across the globe who are tasked with exchanging information to enable Know Your Customer checks to take place.

The data is located in different places and can be incomplete or out of date, making it a time-consuming process for corporates and banks. Adding to the inefficiencies of the current system is a lack of uniformity. The KYC Registry brings it all together, providing access to an online portal for financial firms to exchange KYC data with correspondents in a secure and standardized way, SWIFT said in the press release.



Banks, corporates and even regulators now recognize the imperative to modernize — not just digitize —the infrastructures and workflows that move money and data between businesses domestically and cross-border. Together with Visa, PYMNTS invites you to a month-long series of livestreamed programs on these issues as they reshape B2B payments. Masters of modernization share insights and answer questions during a mix of intimate fireside chats and vibrant virtual roundtables.