Online bill payments and automatic payroll deposits are fairly commonplace in today’s technology enabled culture. But the downside of these paperless, instantaneous solutions is that they open the door to Automated Clearing House (ACH) fraud.
What is it?
Consumers use the ACH network to make electronic payments directly from their checking or savings accounts to other parties’ accounts, eliminating the need to pay bills with paper checks or physical credit cards. Likewise, companies use it for business-to-business transactions and to pay their employees, contractors and vendors.
Businesses of all sizes can become ACH fraud victims, but small to midsize ones may be most vulnerable. Even when they have substantial financial assets, these companies typically have fewer up-to-date information security measures in place.
How is it perpetrated?
Perpetrators need only obtain an account number and bank routing number to commit ACH fraud. This can be accomplished through:
- Phishing (tricking email recipients into divulging personal data)
- Legitimate but hacked websites
- Account hijacking
For example, a thief might launch phishing attacks against a bank’s customers. When recipients click on the link in the fake email, they’re taken to a phony bank website and prompted to enter their login information. Thieves capture that information and use it to access online banking accounts, and then initiate ACH payments to their own accounts at a different bank. Finally, the funds are transferred by wire to a third (in most cases, offshore) bank.
What can you do?
No single defense will protect every individual and business that uses the ACH. But some simple steps can reduce risk. First, install firewalls and antivirus, antispyware, and anti-malware software on computers and keep these programs updated. Also, ensure that computers, smartphones and networks require complex passwords that must be changed frequently. Finally, ignore unsolicited emails with attachments, links in the body of the message and pop-ups that request personal information.
Using a separate browser for online banking purposes, checking bank accounts daily for unauthorized activity and accessing financial websites only by entering the URL also help. And consumers and employees should pay attention to computers that have slowed down or that repeatedly reboot. These issues can indicate the presence of malware or a virus.
Taking advantage of the convenience technology offers doesn’t have to leave you vulnerable to cyber attacks and data breaches. With some preventative measures, you can reduce the risk of ACH fraud and ensure your everyday transactions go forward unimpeded. For more information about preventing fraud, call us at 949-860-9902 or click here to contact us.