Businesses vulnerable to cyber attacks

Aug 31, 2009 By Susan Tompor

Most of us think cyber crooks cast their phishing lines mostly to try to hook everyday consumers. But some businesses across the country have seen hundreds of thousands of dollars vanish from their bank accounts after cyber attacks.

"These e-mails look legitimate," said Terry Thornton, senior vice president of fraud services for Dallas-based Comerica Bank. "People are falling for it because they look so good."

Business owners, as well as managers of school districts and government entities, need to be aware that cyber attacks have hit online banking accounts of others. They must be diligent about updating antivirus software, as well as training their staff to avoid giving specific account numbers in response to an that looks like it actually came from the bank.

What's essential for business owners to understand is that they do not have the same protections offered to a consumer in such cyber attacks.

"In these types of small-business accounts, the customer loses the money," Thornton said.

While bankers will attempt to rescue the funds, business owners could be out a lot more money than a typical consumer who is hit by a . This applies to business accounts of all sizes, small and large.

So it's key that businesses look for warning signs.

Cyber attacks typically run in waves, Thornton said. Things can be quiet for a while and then suddenly small businesses report fraudulent e-mails.

Criminals who often live overseas are crafting ways to plant on a company's computers and enable the crooks to construct wire transfers to send money to dozens of operators who then launder the money and wire it back to the cyber crooks.

For businesses, the fraud becomes more difficult because business owners do not have protections similar to consumers.

Consumers who bank online in the United States are protected by Regulation E, which generally holds that consumers are not liable for unauthorized transactions against their bank accounts, but the consumer cannot go more than 60 days without reporting suspicious or unauthorized charges or debits.

But if hackers pull out money from the small business' or community's bank account, the bank does not have an obligation to cover that stolen money. That doesn't mean a legal battle won't take place.

The Bullitt County Fiscal Court in Kentucky ended up suing First Federal Savings Bank over an online theft.

Bullitt officials discovered $415,989 missing from its account on June 29. They contend hackers used a malicious code called ZeuS, which allowed them to steal the county's user name and passwords from a county computer and log on through a county Internet connection, according to a report in the Courier-Journal in Louisville.

Less than $10,000 was withdrawn at a time, and payments were deposited in outside of Kentucky.

The suit, which was filed in Bullitt Circuit Court, claims the Elizabethtown-based bank could have prevented the theft if it had not ignored irregularities in Bullitt's payroll account.

The bank disagrees and says its online system is not at fault.

Both consumers and business owners must carefully review their accounts regularly, even daily, to try to spot early on.

Everyone could use yet another lecture on why we all need to be extremely careful about e-mails, text, or instant messages that appear to come from your bank, a government agency, an online seller or another organization that you might recognize.

(c) 2009, Detroit Free Press.
Visit the Freep, the World Wide Web site of the Detroit Free Press, at
Distributed by McClatchy-Tribune Information Services.

Explore further: Racist search term points to White House in Google Maps

Related Stories

Canadian charged in US in Internet gambling case

Aug 06, 2009

A Canadian resident was indicted in the United States on fraud and related charges for processing some 350 million dollars for Internet gambling firms, officials said Thursday.

Networking: Is that bank's URL legitimate?

May 01, 2006

Computer-security professionals at the weekend were working on what is being described as a just-emerging IT problem -- the kind which, if the pros are correct, potentially could imperil all e-commerce across ...

Avoid cyber Grinches, scams and schemes

Nov 18, 2005

As consumers go online in record numbers this holiday to shop and make travel plans, security experts advise that they take a few basic precautions to keep from getting ripped off or have their identity stolen.

Recommended for you

ICANN chief stepping down in early 2016

18 hours ago

The head of the group that oversees all Internet addresses will step down early next year, after a plan to end US oversight of the key nonprofit organization.

How alternative currencies could catch on and cash in

21 hours ago

Alternatives to cash, like Bitcoin and Uber, may never replace the coins in our pockets or paper bills in our wallets, but they are creating significant social and economic impacts, and with some design adjustments, ...

Spotify introduces video, radio service

May 20, 2015

While saying that it is still a music company at heart, Spotify says it is expanding its lineup to include podcasts, news radio and video streaming.

For US allies, paradigm shift in intelligence collection

May 20, 2015

Fearful of an expanding extremist threat, countries that for years have relied heavily on U.S. intelligence are quickly building up their own capabilities with new technology, new laws and—in at least one ...

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.