The use of the Internet has provided our business customers with many opportunities for convenience in payments and the transfer of funds. Unfortunately, online “cyber-crooks” are taking advantage of this same convenience to target businesses and drain bank accounts through fraudulent transactions.
Most of the recent fraud that has occurred originated from a link in an email, that when clicked on, allows malware or spyware to access the computer undetected. The malware can capture keystrokes and grab “cookies” that can contain sensitive information such as login credentials and passwords.
Steps you can take to protect yourself from cyber-criminals:
- Use a dedicated computer for sensitive functions of the business such as Internet banking, wire transfers, creation of ACH files, etc. Restrict usage of this computer from surfing the Internet or replying to emails from unknown sources.
- Be cautious in opening all emails, even those that appear to be from reputable businesses or organizations. Some of the more recent scam emails have appeared to be from well-known companies regarding the tracking or delivery of a package or order.
- Utilize dual control on job duties for electronic transfers. An example: One employee prepares the file and the second employee approves the transfer. The two employees should be on separate workstations.
- If your business utilizes a wireless network, ensure the access point is locked down. At a minimum, the device should have some type of encrypted security key higher than WEP (Wired Equivalent Privacy).
- Maintain a business class Anti-Virus/Firewall software which checks for updates at least daily. Scan computers periodically for detection of malware or spyware.
- If you are no longer going to utilize a function in Internet banking, such as ACH Origination or Wire Transfers, inform Bank of Tennessee so that access can be turned off in our system.
- If you believe that your computer system has been compromised in anyway, contact Customer Care immediately at 866.378.9500.
Unfortunately, the scams we have seen have not been limited to Internet fraud. Some scams have resulted from criminals obtaining a check from a business, either through legitimate sources or through theft. The crooks then create fraudulent online ACH transactions using the routing/transit and bank account number located at the bottom of the check.
To avoid fraud in general, we recommend:
- Setting up alerts in Online Cash Management. These alerts can send emails when transactions of a certain type or amount occur. You select the transaction type, amount or even the balance level in the account that triggers the alert.
- Review your account activity on a regular basis and reconcile to your statements at least monthly.
We believe protecting you and your business is a partnership between you and us. Together, we can work to be sure the integrity of your transactions is secure.