Visit our Facebook page and become a fan.
9 Ways to Avoid Online Bank Robbery
Avoid an Online Banking Disaster
These days, it's possible -- even easy -- for a thief to rob a bank without ever leaving home. And the victims of those crimes could include your bank, and your account. Whether via malware threats or phishing scams, once an attacker gets your login credentials, he'll move quickly to drain your business checking account. Some malware even masks the theft by displaying a fake balance when you log into your account.
What's worse is that small business accounts don't get the same protection from U.S. banking regulations that protect consumers. If a thief wipes out a business checking account with an online attack, the account-holder is usually out of luck -- and perhaps out of business.
Scary stuff for small-business owners -- and good reason to treat all online banking as an inherently risky activity. Fortunately, there are ways to minimize your exposure to online banking risks.
Practice Good Password Security
Some business owners understand that a strong banking password is a critical first line of defense. Others just don't get the message. In fact, an alarming number of online passwords still consist of common, easy-to-guess phrases.
If your favorite password is "123456," consider this your wake-up call: You're courting disaster with such a weak password. Instead, use a strong password that combines lower- and uppercase letters, numbers, and (if possible) non-alphanumeric characters.
Just as important: Don't use your online banking password anywhere else -- ever. And don't store an unencrypted password on a computer or anywhere else an outsider might access it. Instead, consider using password-management software that simplifies the task of creating and saving strong passwords.
Beware of Phishing Scams
Phishing -- the practice of tricking people into giving up their bank-account login credentials or other sensitive data -- is a common tactic among scammers.
A typical phishing scam might involve an email, apparently from your bank, that asks you to click on a link, log in, and "update" your profile. Follow that link, and you'll see a website that looks and works just like your bank's site.
But it's really a clever fake. When you enter your login credentials, the attacker will capture that data and access your account.
Beware of any email asking you to provide or update your banking information. Never, ever, follow an email link to log in to a financial-services website. Always type the URL directly into your browser window. And always look at your browser's address window for confirmation that you're logging in to a legitimate website. (Look at your browser's documentation for more information on how to do this.)
Remember: Phishing Also Happens Offline
Some scammers use phone calls and personal interaction to squeeze information out of a target. This practice is referred to as "social engineering," and famous hackers like Kevin Mitnick were notorious for gathering sensitive information by posing as co-workers, service technicians, or customers.
These kinds of tactics can work even if your employees don't give up vital information like logins and passwords. Instead, an attacker may piece together small bits of seemingly harmless information to draw valuable conclusions that could help him access your company's computer systems, online accounts, or login information.
Train your employees to recognize that a caller or visitor may not be whom they claim to be -- and that giving out information to unknown and non-trusted sources is always a no-no.
Keep Your Defenses Up-to-Date
If you use Windows PCs, antivirus software isn't an option -- it's a requirement. It's a bad idea even to connect a PC to the Internet if it lacks a working firewall and antimalware protection. These tools aren't perfect, but they're much better than having no protection at all.
The debate over whether you need to use antimalware on a Mac or Linux system is a contentious one, and it's true that very few malware attacks target these platforms today. On the other hand, it only takes one successful malware attack to compromise your system and expose your online banking login to an attacker. Sometimes, a little "insurance" can help you be safe instead of sorry.
By the way, the same thing increasingly applies to mobile banking apps. Mobile malware may not be as common today as the desktop variety, but that is changing -- quickly.
Don't Guess at Security Measures
If you're not completely positive that you understand how to choose and configure your antimalware, firewall, and other security tools, turn to a tech-savvy employee or hire an IT consultant to do the job. The money you spend on professional IT support and security services just might save your business in the long run.
There's also another type of security to consider: cloud-based services that take over many of the functions normally performed by in-house security software and hardware. These services can be as simple as anti-spam tools for your email or as complex as managed-security services that oversee all of your company's online security functions. Outsourced IT security isn't for every small business, and it can be relatively expensive. But it's often a great option if you want access to big-business security tools without having to do it all yourself.
Use a Dedicated 'Banking PC'
Some businesses use a special, dedicated PC to do their online banking. Even an older, unused PC might be suitable for this task. Just be sure to never use this "clean" PC for Web browsing, email, or any other activity that might possibly expose it to malware.
Another increasingly popular option is to use dedicated virtual machines for different online tasks. A user might, for example, set up one virtual machine for general Web browsing, another for email and other business tasks, and yet another solely for online banking. That way, if you suspect the VM has been compromised by malware, you can simply delete it and install a fresh one.
One drawback of this approach is the fact that many small-business owners still aren't familiar with virtual-machine technology. Once you learn how to create and use VMs, however, it's relatively easy to work with them.
Use a Linux 'Live' Installation for Online Banking
Some very security-conscious companies access their online banking site only by loading a DVD-based Linux operating system that is completely invulnerable to password-sniffing malware. More information on how to use these Linux "live" discs is available here.
This is an extreme security measure, but at least some experts think it's a necessary one. And while -- we'll say it again -- there's no such thing as perfect online security, sticking to this approach -- with no exceptions -- might provide as close to absolute safety as a typical small-business online banking customer will ever get.
Keep a Close Eye on Your Accounts
It's a good idea for consumers to check their accounts every day for potentially fraudulent activity. If you have a business checking account, you might want to conduct such checks several times a day. Contact your bank instantly if you notice or even suspect fraudulent activity.
Lots of banks actually make this process easier with email or mobile-phone alerts based on specific triggers -- including account activity or changes to your online profile. Set the alerts to work for you, and always pay attention to what they're telling you about your account.
Remember: U.S. banking regulations make it very difficult for business checking-account holders to get their money back if a thief steals their login credentials and rips them off. That's why you can't depend on your bank or anyone else to protect you.
Protect Yourself -- but Don't Panic
There's no turning back the clock: For most small businesses, online banking is an extremely useful tool, and it's here to stay. Despite the threats, in many cases, going back to making physical deposits at a local branch simply isn't practical.
But there's no need to panic. By practicing common sense and taking responsibility for educating yourself about online threats, it's relatively easy to make your business a lousy target for would-be thieves. And that may be all it takes. With so many small businesses doing things that make them tempting targets, perhaps all you really need to do is be a little more secure than the next business.
Wireless Business Solution Zee Tawasha