Cybercrime against companies is particularly damaging for the victims because commercial bank accounts don’t have the reimbursement protection of consumer accounts. The $25M cited below in small business losses in Q3 2009 were due to wire transfer fraud and ACH. The takeaway here? Make sure you close control over any commercial banking function, particularly if you are a small business that regularly carries a large bank balance.
From the link:
Ongoing computer scams targeting small businesses cost U.S. companies US$25 million in the third quarter of 2009, according to the U.S. Federal Deposit Insurance Corporation.Online banking fraud involving the electronic transfer of funds has been on the rise since 2007 and rose to over US$120 million in the third quarter of 2009, according to estimates presented Friday at the RSA Conference in San Francisco, by David Nelson, an examination specialist with the FDIC.
The FDIC receives a variety of confidential reports from financial institutions, which allow it to generate the estimates, Nelson said.
Almost all of the incidents reported to the FDIC “related to malware on online banking customers’ PCs,” he said. Typically a victim is tricked into visiting a malicious Web site or downloading a Trojan horse program that gives hackers access to their banking passwords. Money is then transferred out of the account using the Automated Clearing House (ACH) system that banks use to process payments between institutions.