A recent New York Times story should serve as a warning to business owners: They may not be protected should a cyber criminal clear out their bank accounts.
The Times story highlights the 2010 case of an engineering and construction company in California that lost more than $125,000 when criminals hacked into its bank account, using the name and password of the office manager to route the money to eight banks across the country.
The shocking part of the story? Most business owners mistakenly believe that the protection they have on their personal bank accounts extends to their business accounts. In most cases, it doesn’t, and companies can permanently lose the money that hackers have stolen from them.
Keeping Hackers out of Your Business Accounts
How, then, can business owners protect their business accounts from hackers? The Times story recommends that business owners keep firewalls updated and limit the number of employees with access to their business bank accounts.
Businesses should never fall behind on applying security patches to their operating systems, the Times story recommends (and we do too!).
Changing Employee Behavior
Equally important, though, is for businesses to have in place and enforce strict rules monitoring employee behavior. Businesses should forbid employees from accessing social media sites on workplace computers. Businesses should also educate employees on how to recognize unusual links and email messages that might contain viruses or phishing scams.
These email attacks are fairly common. As the New York Times story says, employees might receive email messages that look like they are coming from the IRS or other government agencies. When employees open these messages and click on the links inside them, they might accidentally infect the business’ computer network.
Education is the Key
Attacks like this underscore an important fact: even the most advanced antivirus software can be useless unless employees are educated on safe Internet use.
In the California case cited by the Times, for instance, the company’s office manager had violated the business’ policy by visiting a social networking site from a work computer. The company says that this is probably how the manager’s computer became infected with malware that the company’s antivirus software did not detect.
Read more at The New York Times by clicking here.