A growing trend has arisen amongst hackers. They are now attacking small business bank accounts with malware in order to gain access to funds many business owners think are safe. These crimes, according to computer security specialists, are known as “corporate account takeovers.” This crime is becoming more common amongst small businesses because they lack many of the sophisticated firewalls and oversight that big businesses and corporations can afford.
Unfortunately, business accounts are often not covered by the banks with the same protection plans that personal accounts are given. There are some banks that have security measures, but because federal regulations do not guarantee business accounts as they do personal ones, the banks are not obligated to businesses that fall victim to cyber-thieves to compensate the monies lost. This is changing due to a new court decision.
The First Circuit of United States Court of Appeals, located in Boston, recently decided that a small construction company whose account was raided was to be compensated by their bank, and the two parties were able to reach a quick settlement. The business attacked was Patco Construction, and over a weeklong period nearly $600,000 was stolen using malware known as Zeus, a trojan horse. The bank Patco used quickly ended transactions and recovered money from a day’s worth of transfers, totaling $240,000. Mark Patterson of Patco had wrongly assumed that his bank, Ocean Bank of southern Maine would cover the fraudulent charges.
The bank had recently been taken over by Connecticut-based People’s United Bank, and it won the original court case in 2011 at Maine’s Federal District Court. Patterson and his company then appealed to the U.S. Court of Appeals. A partner at Bernstein Shur, Dan Mitchell, who not only represented Patco, but is also part of Bernstein Shur’s security practice says, “In this case, the bank put settings in place that were counter to good security.” Recently, more banks and their customers have grown more educated about hackers, malware, and the steps to prevent online theft.
An expert in cyber-security, Sari Stern Greene, president of Sage Data Security, also notes how important it is that small business owners become knowledgeable about firewalls and online security. “Online banking security is really a partnership between the customer and the financial institution.” Greene insists on every precaution to avoid hackers access to business accounts, stating, “Businesses invest in locks, alarms and motion sensors; they understand they need those controls in the physical world. And now they need them in the digital world too.”
Ryckman, Pamela. “A Win for Small Businesses in a Bank Fraud Case.” You’re the Boss, The Art of Running a Small Business. Small Business, Business Day. The New York Times. 12/12/12.