The Bank Scam That Hit My Business

Share this post

Reprinted from Chris Mittelstaedt’s column Eureka on Inc.com

FruitGuys founder Chris Mittelstaedt explains how hackers got into his company's bank account--and how not to let it happen to you.

Identity theft isn't just something you have to worry about as an individual; your business identity could be at risk, too.

A few weeks ago my company was the target of a complicated bank scam. At 4:30 p.m. on a Monday afternoon, hackers managed to transfer our main phone line to a google voice number. At the same time, they requested our bank to wire money to an account using an arcane fax-based wire request. A bank employee who was not familiar with our account (our regular banker was out of the office) approved the wire request after calling our "office" and speaking to a scam artist posing as an employee. By the time we realized that our phones had been taken over early the next morning, the hackers had siphoned $15,000 out of the account.

The scam took advantage of the low-security threshold for the arcane wire process and the simple verbal approval process that banks use.  It could have been worse. The bank didn't properly follow its own verification procedures and has since replaced the stolen money.

But my business wasn't the only victim--the hackers  also hit a number of other companies and individuals in the same region all within a few days. Don't let it happen to you.  Here's what you need to know to avoid the same fate.

What You Don't Know Can Hurt You

The fact that our telephone company doesn't have stricter security measures and that our bank could be so easily fooled over the phone, has been a wake-up call. Our previous security measures focused on our own processes. This experience, however, was a good reminder that managing your vendors and deeply understanding their security procedures is key. You need to not only worry about what your business touches--data, people, processes inside the business--but you also need to worry about the security measures that your vendors use.

A Culture of Fraud

When your loss is small, you may be able to manage reimbursement conflicts with your bank rather easily. But through this process, I learned from a banking industry insider that the trend is for banks to move in the direction of limiting liability for loss. Some banks ask customers to sign disclaimers to release them of any liability while offering added "protections" during the fraud-management process. My advice: If your bank starts asking you to sign disclaimers, talk to a lawyer immediately.

Your Rights

While there are established fraud protections for individuals, thanks to such laws as the Fair Credit Reporting Act, The Truth in Lending Act, and The Electronic Fund Transfer Act, business protection falls mainly to the state level. I operate in California, where numerous statutes govern banking transactions, including the California Uniform Commercial Code. Yet, Kurt Taylor of Wilson, Marshall and Taylor, a Silicon Valley law firm, says this about the CA UCC:   "There are many limits on damages for actions under the UCC, and where the bank disclaims responsibility, litigation against the bank for negligence is often the only avenue for the account holder to recover the lost funds."
Thus, if your business is the target of fraud and your bank disputes the claim then the burden for the loss is on you. My banker pointed out that banks generally are extremely reasonable when dealing with fraud and, as in our case, replace the money that was stolen. Even so, I was amazed to learn businesses don't have stronger protection.

How to Protect Yourself  

Here are a few quick steps to help protect against fraud:

  1. Insurance: Talk to your broker about what you can do to hedge your risk against theft with insurance. Make sure you ask specific questions about different kinds of theft.
  2. Banking:  Talk to your bank so that you understand its security procedures. Ask about ways in which the bank has tried to make customers' lives easier but express concern if it's making things too easy.  Also, sign up for positive pay or other verification tools to help watch for check fraud.
  3. Other vendors: Make a list of every vendor that has any sort of data about your business, what you do, and whom you serve, or that manages key functions you can't do without. Learn about their security procedures and make sure you're comfortable with their answers.
  4. Professional help: Hire a security firm to assess your business's weak spots.
  5. Be known: Have a great relationship with your bank and banker or other vendors. Don't be anonymous to them. You want them to know you well enough to ask the question--"is this something that makes sense?"

 

Subscribe to the WEEKLY BITE

* indicates required

 

Recent WorkLife articles:

Assumptions can harm both recruiters and job seekers
July 16, 2019
How to create a dress code that works all year
July 2, 2019
More employers are getting serious about time off
June 27, 2019
Listen and learn something new about work life—wherever you are
June 4, 2019
Best onboarding practices
May 21, 2019
Quick, easy steps to spruce up your office space
May 14, 2019
Reduce plastic use with these earth-friendly alternatives
April 22, 2019
How fostering psychological safety increases performance
April 8, 2019
Does your company’s anti-harassment training measure up?
April 2, 2019
How to keep workplace leftovers out of the garbage
March 28, 2019

More recent articles:

Summer muffin recipe
July 18, 2019
Simple summer salad dressing recipes
July 11, 2019
Summer fruit varieties and when you’ll be seeing them
July 9, 2019
Easy summer pasta recipe
July 4, 2019
Food:
Two Easy Recipes for Canning Stone Fruit
June 25, 2019
Food:
The health benefits of honeydew melon
June 20, 2019
Food:
The delicate flavors of white peaches and nectarines
June 13, 2019
Don’t let plantar fasciitis pain break your stride
June 11, 2019
How to make stone fruit jams and butters
June 6, 2019
Food:
Onions, garlic, and leeks provide many nutritional benefits
May 30, 2019

About Us

Our online magazine offers a taste of workplace culture, trends, and healthy living. It features recipes for easy, delicious work meals and tips on quick office workouts. It's also an opportunity to learn about our GoodWorks program, which helps those in need in our communities and supports small, sustainable farms.