Another article describing how the bad guys are using ‘phishing’ emails to plant key-stroke loggers on unsuspecting small business computers and thus gaining bank account log ins. Eventually crooks clean out a lot of money before getting detected or the account is drained. Frequently, the banks can walk away from any liability since the log-in data appeared to be legit and the problem originated on the customers computer. Wall Street Journal article here.
Preventive techniques suggested in article:
- Use a separate computer for banking activities that is not used for any email or web activities. Thus any infected computers elsewhere in the office would not compromise banking transactions. With the low-cost of desktops and laptops, this is an inexpensive idea.
- Set up your accounts at the bank to require two separate approvals for disbursements. Dual approval is a great idea anyway.
- Reconcile your bank account daily. Best time of day is at the end of the workday.
- Make sure you have the most current version of your web browser.
- Since deposit terms affect whether you have to eat all of any loss, shop around for banks will less severe terms.
My addition to the list:
- Be extremely skeptical of any attachment to any e-mail. Be extraordinarily cautious of opening anything in an email you weren’t expecting.
Check out the full article! I previously commented on this topic here.