Joining the ranks of financial firms targeted by cyber fraudsters is FXCM. The broker released a statement that as a result of the hacking, a small number of unauthorized wire transfers were issued from customer accounts; with funds since having been returned.
In addition, the firm was contacted by a hacker who claimed to have access to customer information. According to FXCM, the firm has since contacted the FBI which is investing the cyber threat. In addition, FXCM stated that they are working with a Cybersecurity firm to investigate the incident and protect customer information. The internal investigation will be used to analyze the magnitude of the cyber incident and to identify affected customers and notify them. In the meantime, FXCM has notified its entire client base of the incident and recommended them to change their passwords as a precautionary solution.
Rats in the Browser
The case is similar to that which has affected other banks and financial firms and involve unauthorized transactions. The breaches are typically conducted by remote access Trojan (RATs) viruses. Upon initiation of the Trojan, it provides fraudsters the ability to monitor the web behavior of affected users and gather their input information into financial websites. Using this information such as user names and passwords, fraudsters can then enter bank accounts and issue transactions.
Beyond providing recommendations to customers to use anti-virus software, financial firms can also integrate cybersecurity account recognition tools. This includes tools that monitor the IP addresses of their customers and alert banks of suspicious account entrances. In addition, newer forms of technology include pattern recognition which can identify how customers log into their accounts, such as the speed between entering their passwords and whether they use the keyboard or mouse to click enter.