The scheme starts with an unsolicited message in your in-box that appears to come from the National Automated Clearing House Association (NACHA), the Federal Reserve Bank, or the Federal Deposit Insurance Corporation (FDIC), all of which are real entities dealing with financial matters.
The message, which generally looks quite official, supposedly alerts you to a problem with a bank account or transaction and offers a handy link to click to help you solve it.
Once you click that link, you're sent to a fake website where "Gameover" is downloaded to and installed on your computer. The software hands your usernames and passwords over to the thieves, allowing them to access and clean out your bank accounts.
After getting into your account, the thieves launch a distributed denial of serivce attack on your bank to try and keep real customers from getting on its website and distract the institution from the theft fro your account..
But that's not all. This new scheme takes the crime a step further.
"Recent investigations have shown that some of the funds stolen from bank accounts go towards the purchase of precious stones and expensive watches from high-end jewelry stores," according to a news release from the FBI.
The criminal who stole your money contacts the stores to buy the merchandise and then sends a "money mule" to pick up the pieces.
"After verifying that the money is in the store’s account, the jewelry is turned over to the mule, who then gives the items to the organizers of the scheme or converts them for cash and uses money transfer services to launder the funds," the FBI explained.
The FBI says some of the "money mules" are willing participants in the crimes, but others are unsuspecting people taking part in seemingly legitimate work-at-home opportunities. They have no idea what's really happening and that they are laundering money.
To protect your computer and your financial information, make sure that your anti-virus software is up to date and never click on a link in an unsolicited email. Most experts say you should always be suspicious of unsolicited messages and simply delete them without opening them. If you are concerned about a potential problem with a bank account, contact the financial institution directly.
Do not accept unsolicited offers for online jobs, especially if they require you to transfer money.
If you have been a victim of the "Gameover" phishing scam, contact your financial institution immediately and file a complaint with the FBI’s Internet Crime Complaint Center.