Skip to main content

Are cyber criminals stealing your money?

Small businesses, like boat dealerships, have become prime targets for cyber criminals that are now successfully ripping off commercial bank accounts to the tune of more than $1 billion a year. And, if you think your bank will cover any such losses, think again. Banks are under no obligation to reimburse commercial accounts raided by cyber crooks, and most don’t.

Today, Bonnie and Clyde don’t have to keep the getaway car running! They can just sit at the nearby hotel pool with their laptop. Well, while not quite that simple, the facts are that the losses of $43 million annually from good old fashioned “bank stick ‘em ups” looks like petty theft next to today’s cyber heists, according to FBI reports.

Why have small business accounts in the U.S. become prime targets of overseas cyber robbers? Simple: commercial accounts at small community and regional banks are usually protected only by rudimentary security measures, claims Dell SecureWorks. Moreover, unlike individual accounts that are covered by banking Regulation E, commercial accounts are not covered by fraud insurance, thus leaving small businesses stuck with the losses.

Cyber crooks have used software like ZeuS, a Trojan Horse to steal a firm’s online banking passwords. They then can initiate funds transfers to money mules who will launder the funds to Eastern Europe, for example.

Wouldn’t it, then, be a good move by banks to extend protection from cyberfraud to their commercial clients? Apparently not, as Bloomberg News reporters Greg Farrell and Michael Riley found out when they put that question to the America Bankers Association. The response was that businesses might get lax about security if they knew fraud losses would be covered. According to Doug Johnson, senior policy analyst for ABA: “The goal is to . . . have a partnership between a business and a bank and recognize that every one of those partners has a responsibility to secure the environment. If you put in a provision that takes away any responsibility, it gives the commercial customer no motivation to be active partners with the bank."

Not surprising, not everyone agrees. Some examples Farrell and Riley uncovered included Sen. Chuck Schumer’s, D-N.Y., introduction of a bill last year to make banks extend cyberfraud protection to small business clients (the bill went nowhere.) Or, James R. Woodhill, co-founder of cybersecurity firm Authentify, while having a pecuniary interest, wants Congress to require banks to warn commercial clients explicitly of the dangers of cyberfraud. Or, Karen McCarthy whose small business account was hacked for $70,000 last February. She says the bank stopped returning her calls once it became clear the funds were stolen. So much for those partnerships.

Lots of lawsuits has come up, with banks suing their clients and clients counter suing, or vice versa, but there are few decisions, to date, which address what responsibility a bank has to protect its customers. In one recent case, the court ruled the bank was at fault; in another the client.
So what can be done? Short of Congressional or regulatory action, or some great awakening in the banks, all dealers need to clearly understand their accounts could be vulnerable and will likely have to eat any loss if their accounts are hacked. But it’s also reasonable and responsible to ask your banker to provide information about the extent of the protections being employed by the bank, about any prior incidents of hacking and, if any, how they were resolved. Moreover, ask your banker for specific protections the bank recommends you, as a small business customer, should undertake at your dealership.

Related

A Tax Incentive for Innovation

A deep dive into the research and development tax credit usually yields savings

ABYC Reschedules Meetings

Postponed due to Covid, the annual meeting goes virtual in February, and the Marine Law Symposium moves to April in Providence, R.I.

Daiwa Appoints Marketing Manager

Marc Mills will handle marketing efforts for North American and South American markets.

VIP Access Available for MIBS

The tickets include admission to the VIP lounges at One Herald Plaza and the Miami Beach Convention Center, along with other perks.

South Fork Wind Farm Gets EPA Approval

The Clean Air Act permit contains pollution control requirements for the construction and operation of the wind farm, which will be located southwest of Martha’s Vineyard.

Dockmate Launches New Technology

The SoftDocking wireless remote control system eliminates the delay between engaging the throttle and the boat beginning to move.

Minneapolis Innovation Award Winners Announced

NMMA and Boating Writers International handed out the awards in four categories during the Minneapolis Boat Show preview yesterday.