That is according to the FBI, which issued that the latest trend by cybercriminals is to get employee login credentials, using spam and phishing emails, keystroke loggers, and Remote Access Trojans (RAT).

And the best way to fight it? That leads to the over training vs. technology. While most security experts say both are necessary, and the FBI provides a list of training recommendations and policy protocols to keep employees from giving up the keys to the financial kingdom, some experts like George Tubin, senior security strategist for Trusteer, say .

"Part of the solution is training," he said. "But we've been talking about this for so long, trying to educate customers and employees. It has become one of those battles I don't think we're going to win."

"Some of the ploys are so good they could fool almost anyone -- very sophisticated schemes like web injections and email from friends that lead you to open an attachment. The real answer comes in automated technology, to make sure people don't respond to those things," Tubin said.