ACH & Wire Transfer Fraud: Protect Your Business


ACH transactions and wire transfers are the fastest way to move funds to another business, person, or other recipient. Both ACH (automated clearing house) transactions and wire transfers are forms of electronic fund transfers (EFTs). Wire transfers typically involve larger sums of money and are transferred between banks. ACH transfers are scheduled transactions, like online bill payments, that typically involve smaller amounts of money.

Unfortunately, cybercriminals have discovered how to steal your hard-earned money. They use a variety of tools including phishing emails, compromised legitimate websites, fake friend requests on social sites, and malware to obtain your bank logon credentials. Once they have them; they can use them to transfer money out of your bank account and into theirs. They often target small-to-medium-sized businesses because these businesses often do not use dual controls on their accounts nor have they adopted a strong information security posture.

Establishing a strong information security posture is not a “one-size-fits-all” solution, and it's not as simple as installing a firewall or having anti-virus protection. Each organization has unique business functions that require appropriate security measures to be in place to, not only protect your organization from fraud, but to comply with industry standards, ever-changing federal regulations and state privacy laws. 

Protecting yourself or your business from the negative impacts of fraud should be a top priority. Whether your concerns relate to check or electronic payment fraud, the risks continue to grow. What can you do?

How To Protect Yourself From Wire transfer and ACH Fraud

Secure your computer, smartphone and network

  • Install a firewall on your computer and/or network to prevent unauthorized access.
  • Install and run anti‐virus, anti‐spyware, and anti-malware software on your computer and keep them updated.
  • Change all default passwords on your computer, smartphone and network and create complex passwords.
  • Note any changes in the performance of your computer such as a dramatic loss of speed, changes in the way things appear, the computer locks up or doesn't work correctly, unexpected rebooting, or anything out of the ordinary.

Be cautious when online

  • Never respond to an email or popup with personal information.
  • Make sure you have a reasonable expectation of privacy prior to logging into a website.
  • Never open attachments in unsolicited email.
  • Never click on links in bulk email.

Be cautious when banking online

  • Designate a single computer for your online banking.
  • Install a separate browser to be used exclusively for online banking.
  • Close all other browser tabs when banking online.
  • Log off your online banking when not in use.
  • Monitor and reconcile accounts daily for unauthorized transactions. Report any unauthorized transactions to your bank immediately.
  • Discuss options offered by your financial institution to help detect and prevent abnormal activity.
  • Never use your online banking password for any other online account or purpose.
  • Never share your online banking logon credentials (user ID and password) with anyone.
  • Never share your account number with anyone who does not need it.
  • Never access your bank account using a public computer (e.g., at the library or a hotel business office).
  • Never use a link in an email to visit a financial website. Always type the URL in the browser by hand.
  • Be wary of an unexpected request for a one time password or token in the middle of an online session.

Transferring funds, either by ACH or wire, is generally safe when using a financial institution. However, if your computer has become infected with malicious software (malware), cybercriminals can steal usernames and passwords and defeat common methods of user authentication employed by financial institutions. You can protect yourself from malware by adopting safe online practices and keeping your computers and network secure. Learn more about how to secure your computers and network in other articles found on this website.  

Each organization is unique, and so are its information security needs. InfoSight Inc uses a customized approach that helps organizations identify, implement and manage cost effective security controls. Visit www.infosightinc.com to help ensure the privacy and security of your corporate and financial information.