January 11, 2017
$1.5M Cyber-Heist Typifies Growing Threat
Nearly every week, you hear a news story about a cyber-attack or a rogue virus sweeping through the country or the world. Maybe you’re a little bit skeptical: Are these viruses really a problem for you? Are these cyber-attacks really aimed at a business like yours? Cybersecurity company Symantec reports, that 52.4% of recent “phishing” attacks were aimed at small and medium sized businesses.
Efficient Escrow of California was forced to close its doors and lay off its entire staff when cybercriminals nabbed $1.5 million from its bank account. The thieves gained access to the escrow company’s bank data using a form of “Trojan horse” malware.
[column lg=”8″ md=”12″ sm=”12″ xs=”12″ ]
The company recovered the first thieving transfer of $432,215, but not the next two, which totaled $1.1 million. They were shocked to discover that banks are under no obligation to recoup losses in a cyber-theft against a commercial account. (Protections for consumer accounts are far more robust than those for commercial accounts). That meant a loss of $1.1 million, in a year when they expected to clear less than half that. Unable to replace the funds, they were shut down by state regulators just three days after reporting the loss.
[/column][column lg=”3″ md=”12″ sm=”12″ xs=”12″ ][well type=””]
“The number of crippling attacks against everyday businesses is growing.”
Net result? The two brothers who owned the firm lost their nine-person staff and faced mounting attorneys’ fees nearing the total amount of the funds recovered, with no immediate way to return their customers’ money.
Avoid Getting Blindsided
While hacks against the big boys like Target and Home Depot get plenty of public attention, cyber-attacks on small and medium-sized companies rarely make national headlines. Don’t let this lull you into a false sense of security. The number of crippling attacks against everyday businesses is growing. Here are three examples of small business cyber-crises which were too small to make national headlines:
- Green Ford Sales, a car dealership in Kansas, lost $23,000 when hackers broke into their network and swiped bank account info. They added nine fake employees to the company payroll and paid them a total of $63,000 before the company caught on. Only some of the transfers could be canceled in time.
- Wright Hotels had $1 million drained from their bank account after thieves gained access to a company e-mail account. Information gleaned from e-mails allowed the thieves to impersonate the owner and convince the bookkeeper to wire money to an account in China.
- Maine-based PATCO Construction lost $588,000 in a Trojan horse cyber-heist. They managed to reclaim some of it, but that was offset by the interest they had to pay on thousands of dollars in overdraft loans from their bank.
Why You’re A Target
Increasingly, cyber-thieves view SMBs like yours and mine as easy targets. That’s because, all too often, SMBs have:
- Thousands of dollars in cash.
- A false sense of security about not being targeted, resulting in a poor defense system in the cyber-crime war.
- Our customers’ credit card information, social security numbers, and other data which hackers can easily sell on the black market.
How To Fight Back
If you don’t want your company to become yet another statistic in today’s cyberwar, and your business doesn’t currently have a “bullet-proof” security shield, you MUST take action without delay — or put everything you’ve worked for at risk. The choice is yours. Don’t know what to do first? Here are 3 things you can do right away:
- Remove software that you don’t need from any systems linked to your bank account.
- Make sure NO ONE with a device in your network EVER opens an attachment in an unexpected e-mail.
- Require two people to sign off on every banking transaction.
Let Us Help
We are offering our Cyber Security Assessment at no cost through the end of January. To reserve yours, email firstname.lastname@example.org TODAY— because we can only offer this valuable service to the first 8 companies that apply.