By Tom Costello Correspondent
NBC News
updated 12/14/2004 7:26:35 PM ET 2004-12-15T00:26:35

From a small Miami warehouse, Joe Lopez and his wife, Farah, keep track of every penny from a computer supply business they started three years ago.

But last April, they suffered a body blow. Someone hacked into their personal business computer, through their firewall, and transferred $90,000 out of their Bank of America account, and ultimately to Riga, Latvia!

"We thought, ‘Do we have to close up shop? What do we do?’" says Farah.

"The day that it happened, I thought I was going to have a heart attack," says Joe.  "I mean, literally, I was sick to my stomach. "So I proceeded immediately to call Bank of America — the wire room — and explain to them that I had not done this wire and that I needed them to recall this wire, that this is obviously a mistake."

Within days, investigators determined their computer had been infected with the "core flood" virus, allowing someone to steal their online banking information.

But even now, nearly nine months later, their money is still stuck in Latvia. And since the bank's system was never compromised, Bank of America says it's up to the Lopez family to get their money back.

"The theft that's happening, you can't pin it on the bank," says Avivah Litan, an Internet security expert with Gartner Research.

Why?  Because the bank's computers are usually secure. Users who transmit bank account information over the Internet do so at their own risk. But if your credit card is stolen and used online, very often it's the merchant who's held responsible.

The Federal Trade Commission says bank fraud is the fastest growing form of e-fraud — costing nearly $15 billion last year.

"It used to be that they were attacking corporations and the servers, the merchants," says Litan. "Now they've discovered that they can attack you and I directly."

At the Heels & Soles shoe store in northern California, Internet sales are critical, making up 50 percent of the business. But out of 100 daily orders, store manager Martin Stuelpnagel says, "we deal with probably about ten fraudulent orders a day. And that will usually take about 20 minutes of our time."

Security experts warn the public to guard their identity closely by following these tips:

  • If you pay bills on-line, ensure your transaction is secure
  • Keep your firewall software up to date
  • And if you're not sure whether a Web site is safe, place your order over the phone

Back in Miami, the Lopez family is desperate.

"We're mortgaged to the hilt and we have to keep the business going," says Farah. "We have no other source of income! This is all we have."

"It's nearly devastated us," says Joe. "I don't want this to happen to someone else. How many more victims are there out there who don't know?"

Both fear their $90,000 is gone forever in an electronic fleecing of America.

Tom Costello is an NBC News correspondent.

Discuss:

Discussion comments

,

Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments