The Indiana Banker’s Association has recently notified Horizon Bank that many schools and municipalities have been victims of Automatic Clearinghouse (ACH) fraud in the past couple months, attacked by malicious software used by perpetrators in an attempt to obtain online banking information.
Small businesses are often the target of ACH fraud because they often do not use updated anti-virus software or have dual control over accounts. Perpetrators steal credentials in several ways:
- Mimicking a legitimate financial institution. Unsuspecting individuals give out their credentials not knowing the site is fake and information is being stolen.
- Malware. Perpetrators use malicious software that infects a user’s computer. The virus is usually downloaded via an email attachment or when a user clicks on a specific link. It can also be downloaded when users click on suspicious links, particularly from social networking sites. A keylogging software is then downloaded to the computer which allows perpetrators to steal username and password information logging into legitimate sites, like Horizon Bank’s online banking.
The worst-case scenario is that perpetrators take over the account. To banks, the perpetrator appears to be a legitimate user. Essentially once the perpetrator has full access to the account, they can do any business transaction the legitimate owner could do.
There are a handful of warning signs that a business account has been attacked.
Perpetrators first test the account to see if they have access. They will then begin to transfer money out to other accounts, or transfer money in from other victims to transfer out again, adding several layers to the crime.
Our Treasury management, Deposit Operations and Fraud teams are all working together to monitor Horizon Bank accounts for this type of activity, but you should continue to review your business’s online account for any suspicious activity. If you have any questions or suspect that the account of your business may have been compromised, please contact us at 1-888-873-2640.