The unique attack, which allowed the fraudsters to redirect customers to spoofed sites so they could steal confidential account information, resembled pharming, a variant of phishing in which cybercriminals redirect legitimate traffic to a bogus website resembling the real thing.
In this case, users were asked to provide credit card and Social Security numbers to the thieves.
Capital City Bank, Wakulla Bank and Premier Bank were targeted in the scam, the Tallahassee Democrat reported. No arrests have been made, and officials said a "minimal" number of customers were affected. Financial losses were said to be small, and the banks said they will reimburse anybody who had money stolen.
Bob Breeden, head of the Florida Department of Law Enforcement computer crimes division, could not be reached for additional comment today.
The incidents occurred March 14, and the banks' real websites were operating normally two days later, the newspaper reported.
"This new scam is like phishing without the intervening electronic mail step," John S. Quarterman, president of security vendor InternetPerils, said on his Perilocity blog. "Because it is the bank's own web server that is compromised, the customer has even less reason to suspect anything amiss. Fortunately, it should be easy for banks or their hosting providers to stop."