Protect a Business Account from Fraud

posted Jon Parker 11/25/2015 in Banking

Many business owners assume that cybercrime is directed mostly at big companies with deep pockets, but that’s not actually the case. More than half of businesses with revenue under one billion dollars reported payment fraud attempts in 2014, according to the 2015 Association for Financial Professionals Payment Fraud and Control Survey. Given our increasing reliance on internet technology, it’s almost certain those numbers will increase in 2015.

One of the fastest growing kinds of online financial fraud is a form of business identity theft called Corporate Account Takeover (CATO). CATO occurs when cyber criminals gain access to a business’ bank account by stealing passwords and other account credentials, usually by hacking their way into employee emails and infiltrating the business’ network. In the most common scenario, once the criminals have access to a business account, they initiate fraudulent wire and ACH transactions to move funds to accounts controlled by the criminals.

When this happens, many businesses are surprised to learn that their accounts do not have the same regulatory protections against cybercrime that consumer accounts do. In most cases, a bank is not obliged to make a business whole for losses incurred due to CATO and other online financial fraud.

Find the Right Business Banking Partner

Businesses can take many steps to protect a business account from fraud, most importantly working with a bank that practices the latest techniques in the prevention of cybercrime. Not every business needs the same level of online security measures, so look for a bank that offers customized protections and not an impersonal, one-size-fits-all approach.

Business banking generally requires more checks and balances than consumer accounts do. Strict adherence to cyber security best practices, not convenience, should be the top concern when selecting a financial institution for your business.

For instance, will your bank notify you if multiple failed password attempts are made on your account? Does it require business employees to obtain temporary access codes for transactions over a certain dollar amount? Does it use predictive analytics software to monitor your account for unusual activity and hold your funds until an authorized employee approves the transaction? A bank dedicated to keeping your money safe will invest in the tools required to protect a business account from fraud in the environment we live in today.

Employee Education

Of course, preventing these attacks must involve a partnership between business and banks. It’s critical to educate every employee so it’s understood that even one infected computer can lead to an account takeover. For example, if an employee takes a business laptop home and accidentally downloads credential-stealing malware, criminals could gain access to the business’ entire network when the employee returns and connects at work. Every employee, even those with no financial responsibilities, must be educated about these threats. Businesses, in partnership with their bank, should deliver regular training on protecting business accounts and cyber threats to all appropriate staff.

At Lincoln Savings Bank, cyber security is top of mind each and every day of the year. As a vigilant financial partner, we provide a strong security program as well as employee education programs to help protect our business clients against CATO and other forms of cybercrime.

Blog and News