Most of us know about the threat faced by criminals working to steal our credit card numbers, but a growing threat to our capital has grown from these cyberhackers who have figured out a number of ways to access corporate bank accounts and draw money out of them.
2009 has been an especially bad year, as the FBI has stated bank account theft has reason dramatically for the year. They state that the banking system is actually behind the curve when it comes to defending their customers’ accounts, especially in relationship to firewalls and antivirus programs.
While big banks aren’t immune to the problem, it is by far a larger problem of small and mid-sized banks, which in many cases don’t have the security measures in place its larger competitors do. Unfortunately, this means small and mid-size businesses, who can afford it the least, suffer the most, as they tend to do business with banks that are of that size as well.
One particularly infamous program called URLZone, can not only transfer money out of an account, but it can also change the online banking statement so it appears to have the money in it expected by the owner. Money could be taken out that way without even being identified as having been done by the owner of the account.
Probably the most used program for stealing account passwords is called Zeus, which is available to anyone who is willing to pay what it costs to get it. Hackers can take this base program and customize it to their specific wants.
For businesses this is particularly tough, as while there is pressure to protect consumer accounts and pay back any losses, that isn’t the same with business banking accounts, so there isn’t the same resolve and sense of urgency by banks as there would be with consumer accounts, which receive much more press coverage.
What has happened in a number of cases, even with those quickly identified, is it can take a long time for a bank to get the money back to the business; if the business gets it all back at all. Many businesses even have to go the lawsuit route to get their stolen capital back; something that shouldn’t have to be, but nevertheless is the way things are.
One of the keys to getting the sympathy of the bank for businesses is to identify its losses and disruptions quickly, to eliminate the size of the capital lost.
Having said all that, it’s still on the banks to protect their customers, whether they’re consumers or corporate customers.
While it may cost more for the online security needed, the growing number of lawsuits over bank account security failing should give banks the incentive to get top of the line online security in place.
