I was reading the Wall Street Journal website recently, and came across an interesting article about online bank fraud. The article was about a small business owner in California had over $100,000 stolen from his bank account.
He only recovered about $50,000 of it back. The other $50,000 went to a bank in Europe, where mules (someone who receives the stolen money) started to withdraw the money from the bank account.
How did this happen? The business owner had spyware on his computer that transferred his banking username and password to the hackers. I always shake my head when I read an article like this, because I know it could have been easily avoided.
Anti-virus and anti-spyware
The first step in protecting yourself is to make sure your computer has anti-virus and anti-spyware installed.
If you’re doing online banking, make sure that you’re using commercial quality protection – not something you download from the Internet for free.
The stronger your first layer of protection, the safer you are online.
We see computers every day that don’t have this simplest of protection installed; or, worse, the business owner has installed protection software, but then fails to keep it updated or renewed.
Unified threat management
The next step is to invest in a unified threat management (UTM) firewall. A UTM firewall is miles ahead of the simple DSL or cable routers you’d pick up at the office supply store.
They offer solid protection against viruses, hackers, spyware, and the host of other Internet dangers.
The device scans all Internet traffic in real time, and can protect you even before the anti-virus and antispyware vendors have updated their software for new attacks.
UTM firewalls can also implement web filtering and prevent the computer from reaching the intended attacker.
Web filtering can block access to websites that contain malware and spyware; it can also protect employees from going places they shouldn’t be.
Fortinet is our preferred vendor that makes firewall appliances that do what I describe above. A dedicated firewall and UTM appliance is very effective in helping prevent an attack such as this.
Block SPAM at the source
One of the sneakiest ways hackers can compromise your computer is through email, so you’ll want to look for a rock-solid spam filtering solution. Numerous cloud based (hosted) solutions exist that are very inexpensive. A good spam filter will keep viruses, phishing and other attacks from hitting your email. Reflexion is our favorite cloud based email filtering solution. The product is easy to use, well supported and extremely effective.
With online banking, phishing attacks are very common. Someone creates an email that looks like your bank in an attempt to collect information, you click on the link, and next thing you know, the hackers have your login and password.
Personally, I never open emails from my bank. Most banks will not contact you for important account information with email.
Perform regular maintenance
The fourth step to keeping your computers safe is patch management. Microsoft releases security updates for Windows nearly very week. Having a trained IT professional ensure patches are applied correctly – and quickly – will protect you from any security holes in the software that you’re running.
Most small businesses should look at one of our managed service plans, which provides you with “whatever it takes” service at a low fixed monthly cost.
The final step is a matter of common sense. Most people will go to potentially hazardous websites or click on something they shouldn’t have. My suggestion is if you are doing Internet banking, it should be on a computer that is used the least.
If you are going to go to questionable websites, don’t do it on the computer where you do your banking.