Hackers use South-east Asian banks most to receive illicit funds: Swift

South-east Asian financial institutions were named as one of the major targets by cyber attackers over the last 15 months.
South-east Asian financial institutions were named as one of the major targets by cyber attackers over the last 15 months.PHOTO: ST FILE

SINGAPORE - Hackers used South-east Asian banks to receive funds from 83 per cent of all studied fraudulent transactions in 2018 and 2019, according to global payments network Swift.

The remaining 17 per cent were spread across Europe, North America and the Middle East, Swift said in a recent report.

Called beneficiary or "mule" accounts, these bank accounts are typically used by hackers to materialise funds extracted from financial systems.

South-east Asian financial institutions were also named as one of the major targets by cyber attackers over the last 15 months, with other regions targeted including Africa, Central Asia and Latin America. In all cases, targeted institutions were banks with smaller cross-border transactions per day.

Attacks also took place in the "reconnaissance phase", which meant hackers were not yet able to access a bank's payment systems even though they had managed to compromise a user's workstation. Attackers could wait for weeks or even months before launching an attack, after learning the patterns and behaviours of users to plot the fraud.

Overall, the report saw a "dramatic" decrease in the individual value of each attempted fraudulent transaction to between US$250,000 and US$2 million, from US$10 million previously, in order to avoid detection.

Transactions in US dollars accounted for around 70 per cent of attempted theft since 2016, with European currencies on the rise - notably euros and the British pound. A small minority, or 5 per cent, of hacking incidents involved Asia-Pacific currencies, mainly the Hong Kong and Australian dollars and the Chinese renminbi, the report said.