Small Businesses - Beware of Internet Banking Cybercrimes

While the majority of Internet banking transactions operate under secure provisions, there is still always a risk of a compromised account. Tech-savvy cyber-criminals continually attempt to gain access to bank accounts through what are known as "banking Trojans." These are programs that allow them to break into an account and subsequently transfer the funds in those accounts to their own.

Within recent years, an increasing number of small businesses and organizations, including schools, churches and non-profit organizations, have fallen victim to cybergangs that purposely target these types of businesses: specifically small to midsize companies and organizations.

The reasoning for this is that organizations that use a computer or host of computers for email, web browsing and other online activity along with conducting financial transactions is much more susceptible to banking Trojans. The FBI and the American Banking Association are urging businesses to try to limit online banking transactions to a computer that might be used solely for that purpose. The less web browsing and email conducted on that self-same computer, the less at risk the organizations bank accounts will be.

Many of the online accounts that are able to be accessed by cybergangs include two of the most common financial transactions often used by many small businesses and organizations: wire transfers and Automated Clearing House (ACH) transfers. ACH transfers are typically used to handle employee salaries and both vendor and customer payments.

The technology governing these types of financial transactions is rather old, and sophisticated cyber-criminals have created many programs efficiently capable of gaining access and acquiring the funds within those accounts. Because many of these accounts are supplied to businesses by local banks or credit unions, many cases of wire transfer fraud often go undiscovered or unreported, because many banks are lacking in proper fraud detection software and security systems. Additionally, many businesses find themselves on the losing end, simply because business account holders aren't afforded the same protection as individual account holders.

Business account holders are also made more attractive to cyber-criminals due to the fact that many banks, in an effort to attract more businesses customers, offer businesses ACH and wire transfer accounts with high limits. For advanced cybergangs, accessing these accounts may be as simple as a user clicking on a fraudulent link on the Internet and unknowingly infecting their computer with a banking Trojan.

Because the risk is so great, it might be more beneficial for companies to use individual consumer accounts instead of business accounts, since under consumer protection laws, banks would be required to fully reimburse victims of fraudulent transactions, provided they are reported in a timely manner. Businesses are not offered the same protections: banks can attempt to claim that the business was negligent and at fault for not having better security protocol and infrastructure in place, such as proper firewalls and virus protection.

In today's technology-driven business environment, it is perhaps unrealistic to expect to avoid any sort of Internet banking transaction, and it is also unrealistic to believe any bank's claims that it is safe and secure to do so. But it is up to the businesses to properly make themselves aware of the risks and how to reduce or nullify those risks. For many small businesses, it may be a bit more tedious and time-consuming, but ultimately less risky and more beneficial to conduct as many banking transactions as possible strictly offline, at least until they find themselves in the position to be able to handle a large loss due to fraud.

It should also be noted that millions of transactions are conducted safely each day, and that those affected by fraud represent a very small percentage. However, in a world in which cybercrime is especially persistent and prevalent, one should never assume "It can't happen to me."

How Do They Do It?

Unknowingly clicking a fraudulent link that installs a banking Trojan is the first step for the cyber-criminals to gain access, but there is much more to it than that. And because cybergangs sometimes consist of criminals with many different talents, their attempts at getting consumers to unsuspectingly click on those links have fooled many.

These links come in the form of fake chat messages that appear to come from friends on social networking sites, through supposed company emails, or even official looking messages from banks or other financial institutions. This is a classic phishing scam.

Next, the banking Trojan is installed. There are many types of Trojans, but the most common types are keyloggers: These are programs that can record a computer-user's keystrokes as he or she logs into an online banking account, and sends the information back to the cyber-criminals. Other types of Trojans are even more sophisticated and are designed to beat some of the security measures utilized by some banks.

After the cyber-criminal has successfully gained access to an account, he might then attempt a test transfer of a rather small amount, typically less than a dollar. If this transfer is successful, larger transfers will certainly follow. The accounts in which the money is transferred to are usually created by accomplices sometimes referred to as money mules. The mules are hired by these cybergangs who may pose as real companies that post announcements for work-at-home job seekers online. The money mules are promised a percentage of the cash that is to be transferred to the accounts that they open, with the remaining funds quickly transferred via wire transfer to international offices that prove difficult to track. Sometimes, the money mules aren't even aware that they are participating in an illegal transaction; others simply don't care.

While many banks are in fact taking steps to advance their own security regarding wire transfer fraud, there are still many things businesses can do in order to conduct online transactions more safely. First and foremost, online banking should be performed on a computer in which no other Internet activity is undertaken.

Additionally, virus protection and anti-spyware software should be kept current, and bank accounts should be monitored daily if possible.

For more information on how Bridge Capital can provide accelerated cash flow solutions for your business in the Suffolk and Nassau area of Long Island, NY; Click Business Check Cashing