Online banking offers many convenient features for businesses, including easy viewing of balance and transaction, as well as making transfers and payments at the click of a button.
Unfortunately, this convenience comes with a downside – banking fraud. Companies across the United States have had hundreds of thousands of dollars in unauthorized transactions and transfers.
Even worse, business bank accounts are not under the same protection as consumer accounts, so banks are not required to make restitution.
Preventing and stopping fraud requires diligence, the proper safeguards and awareness of how this illegal activity actually happens.
Many incidents are caused when hackers place malicious software, often called malware, on a victim’s computer.
These Trojan and virus programs often enter through emails or infected websites. Social media sites, innocuous as they seem, are especially known for hosting malware.
A California company lost $125,000 after an employee violated company policy by participating in social media while at work. Other scams work through emails “phishing” for information by appearing to be from banks, credit card companies, the IRS and social media, often with the message that an account has been compromised and dire actions will result unless the victim acts.
Once someone enters an account number, login, password and other information such as tax ID numbers, hackers can take over those accounts and use the personal information for identify theft. Once the software is in place, criminals can hack into bank accounts and send themselves money. Often they work through mules – other victims who allow their accounts to be used as money laundering clearinghouses.
These victims are recruited to work for sites that appear to be legitimate businesses, often in financial services. A Georgia auto parts business lost $75,000 after malware on the controller’s computer sent payments to mules around the country.
After the bank reversed the transfer, one mule actually called the bank to find out where “her” money was. That particular fraud was perpetrated by a Russian organization.
Warning signs of bogus business sites include bad grammar, misspellings and too-good-to-be-true promises. Banks are continually upgrading security measures. It is incumbent upon businesses to maintain control from their end.
Tips from experts include: