Are you protecting your bank account from cyber crime?
Are you protecting your bank account from cyber crime?
Cyber Crime targets your data, personal information, suppliers and customers, and in many cases, your finances.
Cyber Criminals are increasingly aggressive and proficient when it comes to targeting your money and so every business is at risk.
Here’s a short story of a breach we recently witnessed and what you can do to safeguard your company.
Sarah (not her real name) oversees payroll and accounts payable at the property management company where she works. The company has grown a lot lately and so has her workload. On Monday she comes to work and logs into the banking.
She sees a mysterious withdrawal of $26,147.93 that doesn’t match any of her records. However, her boss (the owner) sometimes makes unusual withdrawals, and she makes a note to follow up on it when she gets a chance. She’s already behind on payroll and will probably work overtime to catch up on payments.
Being overly busy, she doesn’t find the time to follow up on the unusual transaction until Thursday, but just as she’s beginning to investigate, the bank calls. The summary of the conversation goes like this:
The summary of the conversation goes like this:
“We’ve noticed an unusual transaction on your bank account and we’ve determined that it was fraud. In this case, the funds have already been cleared and we won’t be able to reimburse you. You need to call the police fraud department, and you also need to call your cyber insurance provider. Finally, you should launch a thorough investigation of the computers on your network. We believe that your devices may have been compromised.”
In the end the money was never recovered but some important changes were made:
- The company has activated alerts on all bank account withdrawals
- All employees with access to company bank accounts must use RSA tokens to sign in
- Any unexpected transactions must be investigated immediately
- All employees were required to take security awareness training
- The workloads of the AP department were re-evaluated to ensure that they had time to pay attention to the outbound flow of cash.
- Cash flow trends were analyzed to help identify anomalous transactions
- Internal communication rules were put in place to stop the owner from making unexpected transactions
Could this crime have been prevented? Yes. Here are just a few ways to prevent bad actors from accessing your systems – including banking:
Provide regular and role-specific security awareness training for all employees.
Take advantage of all the security tools provided by your bank. Don’t take shortcuts out of convenience.
Monitor your funds, understand what is coming in and going out.
Have a clearly defined protocol that instructs employees what to do when unusual transactions are discovered.
Keep all of your systems secure and up-to-date.
Control employee’s access to cloud services, software, and lock down employee’s computers. In the example cited above, it turned out that the accounts payable person had inadvertently loaded a spyware on her computer. Better security controls could have prevented this.
Don’t allow employees to “Bring Your Own Device” (BYOD) to work. You can’t be sure if an employee is accessing your systems with a compromised computer.
Use technology to monitor your network and devices for anomalous behaviour.
Don’t let your small business fall victim to cybercrime.
Take action today, to protect your data, your reputation, and your financial well-being!
At Foundation BTS we provide complete IT support and infrastructure that includes employee education, maintenance, monitoring, and protection from IT Disasters and Cyber Security Threats.
Work with us to gain peace of mind that your systems are secure, your employees are knowledgeable, and that the risks of compromise have been greatly reduced.
Enroll your company today:
- Call 416-368-3287
- Ask for Paul
- Transform your IT Security