In a letter seen by the Financial Times, SWIFT warned members that while many attacks have been caught by its own security or by that of banks, others have been successful. SWIFT did not say how much had been stolen.
The hackers are tailoring their attacks to each individual target, SWIFT said. While the banks that have been attacked vary in size, geography and technology, they "have all had particular weaknesses in their local security" the letter said, according to the newspaper.
Asset recovery expert Alan Sheeley of Pinsent Masons, the law firm behind Out-Law.com, said: "Banks have very sophisticated IT systems and invest significantly in those systems. If they can still be successfully attacked then individuals and companies need to invest in their own safeguards. They should also be very vigilant in respect of any payment request and need to stress test their own IT systems."
"We have seen a number of attacks on business email accounts recently, followed by attempts to have payments made to a fraudster’s bank account. Some of these have been successful," Sheeley said.
"On discovery of a hack a company needs to act very quickly to stop any further attack and to recover any losses. The enforcement agencies do not have the resources to act on every theft and therefore directors need to seek professional advice on how to recover the monies and identify the fraudsters," he said.
SWIFT warned in May that international banks are facing threats from a new wave of malicious software (malware) that allows attackers to steal money.
In a statement issued to its customers and posted on its website SWIFT said that the malware attack was believed to be part of a broad and "highly adaptive campaign targeting banks" and that there is evidence that a number of banks have fallen victim to fraud as a result of their security measures being compromised.