CNN has an article [1] that details the tactics taken by cyberthieves to steal money out of bank accounts. The tool of their trade is phishing, which is when they send fraudulent e-mails to obtain sensitive information that can then be used to access bank accounts.

An example are e-mails that appear to be legitimately from a bank and often have warnings about account security or messages about accounts being locked.  The e-mail will then ask an individual to log-in from a link in the e-mail, and that false log-in site will capture account information such as account number and password.

The article highlights an even more complicated form of phishing:  a malware that facilitates hacking of server settings.

For example, a user types www.bankofamerica.com [2] into his or her browser. But instead of the computer using the service provider's server, which would take the user to the real Bank of America server, the computer uses a bogus server run by phishers -- and that takes the user to a fake Bank of America server.

The phishers take the user's login information and empty the account.

An IBM Internet Security Systems X-Force survey shows that banking industry companies made up 19 of the 20 companies targeting by phishing in 2007.

The article advises that it might be worth keeping a paper trail of the bank account.  It cites criminals in Brazil who have been able to wipe out entire accounts and leave no trail behind.