An article in The Washington Post and comments from Avivah Litan, vice president at the market research firm Gartner Inc, regarding fraudsters targeting commercial business accounts caught my attention….and if you run a business, you should pay attention too.
Apparently the bad guys have figured out yet another way to steal real money and they are targeting business accounts rather than personal accounts.
The fraud involves mules and mule recruiters, some keylogger software planted on the PC of an unknowing person inside a bank, some social engineering and some fake, but real looking websites.
Notice how the bad guys are focusing on people and their lack of awareness??
For example, the mule recruiters are the bad guys with fake, but legitimate looking web sites who send out e-mails and recruit people to receive the money transfers and then pass the money along to the bad guys, who have convinced the mules they are a real and trusted company.
The scary part for businesses is their bank accounts are treated differently than consumer accounts. “If a company gets hacked and someone manages to clean out that firm’s bank account, the company’s bank is under no obligation to make that customer whole,” said Litan.
The bad guys are targeting two weak links: ACH (automated clearinghouse) systems and People.
This is a serious lesson learned and remember….lessons learned are not valuable until they become lessons implemented. Are you implementing new processes for your people and your systems?