Is it Bank of America’s fault that a hospital was hacked and lost over a million dollars? Chelan County Hospital No. 1 certainly thinks so, reports an article on krebsonsecurity.com. In 2013, the payroll accounts of the Washington hospital were broken into via cyberspace.
Bank of America got back about $400,000, but the hospital is reeling: it says that someone on the Chelan County Treasurer’s staff had alerted the bank to something fishy. The bank processed a transfer request of over $600,000 even though it had been told that this transfer had not been authorized.
In short, some say Bank of America failed to follow contractual policies. And what does the bank have to say about this? It denies the lawsuit's allegations, and it denies brushing off the hospital’s alert that the wire transfer was not authorized.
This scenario has been replicated many times over the past five years, says the krebsonsecurity.com article. Hackers use Trojans such as ZeuS to infiltrate banks. And not surprisingly, phishing e-mails are the weapon of choice.
Though bank consumers are protected from being wiped out by hackers as long as they report the problem within 60 days, businesses like hospitals don’t have this kind of protection. The business victim will need to sue the bank to recoup all the stolen money. Legal fees will not be covered by the defendant, and they are enormous, which is why it’s not worth it to sue unless the amount stolen is considerable.
Businesses and consumers should:
- Require that family and employees from the ground up complete security training that includes how to recognize phishing e-mails.
- Stage phishing attacks to see how well everyone learned their security training.
- Retrain those who fell for the staged attacks.
- Make it a rule that more than one person is required to sign off on large transfers.
- Know in advance that the bank will not reimburse for most of the stolen money in a hacking incident, and that legal fees for suing can exceed the amount of money stolen.
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.