A few precautions can protect your business from hackers

by Maggie Stauff Special to The Review

Sony. Home Depot. Target.

These high profile companies are well-known as victims of data hacking throughout the past few years, but businesses of all types and sizes are vulnerable to fraud involving information, wire transfers and other types of payments.

According to the 2015 Payments Fraud and Control Survey by the Association for Financial Professionals, 62 percent of companies experienced payment fraud last year. While check fraud still is the most common method at 77 percent, wire fraud has nearly doubled since 2013 to 27 percent, and credit and debit card fraud is at 34 percent.

Many business owners are aware of the risk of identity theft and take appropriate precautions, but often don’t consider the need to protect their business’ banking operations. It’s important to have controls in place for your banking accounts. Some of the most successful ways to steal money can involve something as simple as email – if an employee’s email account has been hacked.

In a typical scenario, hackers gain access to the email account of a CEO, CFO or other key executive and send an email to a comptroller or other accounting employee indicating there is an urgent wire that needs to be sent to a specific account. Because the email appears to be authentic and from the executive, wire transfers are frequently completed before the fraud is detected.

This type of electronic wire or payment fraud is called “spear phishing,” which targets high profile executives or employees with malware. There are also other common methods used in electronic payment fraud such as phishing, in which emails are used in an attempt to gain access to sensitive or confidential information, and vishing – an automated phone call telling the recipient there is a problem with a bank account or ATM card. The call directs the recipient to contact his or her bank and provides a phone number or website that is fraudulent, often resulting in loss of funds.

Can you guard against hacking?

There is no guarantee hacking can be prevented, but below are some recommendations to help your business become less vulnerable:

Accept that it can happen to you – It might seem odd, but many business owners do not believe their operations could be hacked, despite numerous high profile examples. The 2014 Global Fraud Study by the Association of Certified Fraud Examiners found that a typical business or organization loses five percent of revenue each year to fraud, with a median loss of $145,000. Smaller businesses are more vulnerable and suffer disproportionally bigger losses. The median discovery time to detect fraud was 18 months after it began.

Optimize passwords – Don’t reuse them and don’t trust any website to store them securely. To maximize security, set up a two-step process to verify and approve actions and activity for all your online business accounts. Implement password protection and “timeout” functions, which require re-login after a period of inactivity, and require strong passwords that must be changed on a regular basis.

Use encryption – Mandate encryption of all data and consider encrypting email within your company if personal information is transmitted. Avoid using Wi-Fi networks, which allow data to be intercepted.

Don’t mix social media with financials – Use separate devices for financial activity, including online banking and email or social media. Keeping those activities separate will reduce the risk that an infected social site could compromise your banking and business operations.

Secure your computers, systems and data.

Make sure you stay current with the latest version of your browser and have your IT staff or consultant test its configuration for weakness.

Update all operating systems, which have security improvements embedded.

Make sure your Internet router is secure so data can’t be intercepted.

Enlist your employees’ help – Establish a written policy about data security and inform what types of information are sensitive or confidential and responsibilities are to protect that data.

Tips for preventing wire fraud:

Utilize a dual control process for money movement.

Never send money from your account solely based on an electronic request.

Block pop-ups and plug-ins on computers used to conduct business.

Use separate email addresses for personal/company business.

Log out of online sessions when not in use.

Always type the bank’s Web address into your Internet browser rather than cutting and pasting from a link.

Never provide sensitive information over the phone unless you placed the call or are sure you are speaking with the correct party.

Immediately report suspicious transactions or activity.

Although hacking and wire fraud are widespread, they are not inevitable and your bank’s treasury management team can help you put fraud-prevention measures in place. Be aware and take precautions to help ensure your business, assets and information stay secure.

Maggie Stauff is Vice President, Senior Treasury Management Banking Officer for Wisconsin Bank & Trust, Member FDIC


Most recent cover pages:














Copyright 2009-2018 The Plymouth Review, All Rights Reserved

Contact Information

113 E. Mill St., Plymouth WI 53073
Local: 920-893-6411 Toll Free: 1-877-467-6591
Fax: 920-893-5505








Rupp's



Sunset Tours