How one business thwarted a $500,000 theft

Small business owners are being urged to keep a close eye on their bank accounts after one SME narrowly thwarted a half a million dollar theft.

Cyber thieves gained access to a real estate agency’s bank accounts and withdrew $500,000 before a quick-thinking staff member was able to halt the theft.

It is believed the cyber thieves gained access to the agency’s bank accounts after malware was downloaded into their consumer system, probably from opening an attachment of a clicking on a website link in a scam email. The installed malware allows the criminals to record keystrokes and discover bank log-in details, including the password.

The unauthorised withdrawal of $500,000 was discovered by a staff member the next morning, who immediately contacted their bank. The bank then commenced action to have the transfer terminated and the funds returned. The scammers had not yet collected the money, so the transaction was stopped and the funds were successfully recovered.Faceless hooded cyber criminal

Western Australia’s acting commissioner for consumer protection, David Hillyard, praised the quick action of the staff member, who he said had prevented a devastating loss.

“A delay in reporting this loss and requesting stops be placed on the transfer could have resulted in the funds being in the hands of scammers and the agency facing a financial disaster,” he said.

“We commenced the quick action that was taken which robbed the scammers of a huge windfall from their criminal activities and maintained the agency’s financial integrity. The agency’s best practices standard of reconciling their trust accounts daily was integral to their picking up on the theft quickly.”

Despite successfully thwarting the theft, the agency has implemented more security measures including new and more secure connections to its bank through the use of a real-time device, commonly called a Security Token, which changes the internet banking authorisation passcode on a continual basis.

Two people are now required to independently enter their system-generated and unique password to jointly authorise all transfers of funds out of the trust account, Mr Hillyard explained.

“These measures ensure that an unauthorised transfer request is rejected and the agency is advised,” he said.

In March 2013, a Perth settlement agency had $50,000 in two B-Pay transactions taken from their trust account. In this instance, the suspicious transactions were detected early by the bank and the money was recovered.

How to prevent becoming a victim of theft

Mr Hillyard called on every business owner to be careful about the attachments they open and the links that click on – even if they originate from seemingly innocuous emails.

Mouse cursor clicking on a security button“Giving cyber criminals access to your computer by unknowingly downloading malware means the thieves can compromise your accounting and banking system or they can even spoof emails of executives, tricking staff into making payments,” he explained.

“Staff should be trained to recognise the risks and query these emails to prevent incursions.

“Every business should have procedures and protocols which will prevent unauthorised access to their computer system and to detect malware. Having up-to-date anti-virus and anti-malware software is essential.

“Regular checking of bank account balances and daily reconciling of accounts may uncover unauthorised withdrawals in time for them to be stopped. We advise staff working in the finance area have strict processes around money transfers and changing supplier bank account or contact details.

“Businesses should discuss their online banking security measures with their bank who may recommend extra measures to provide some peace of mind.

“In this latest instance, the agency had put in place all reasonable securities and processes however the scammers were still able to trick the system into commencing the transaction to fraudulently move $500,000 out of their trust account.

“Only through the quick actions of a very diligent staff member had the crime been foiled on this occasion but everyone needs to be vigilant so they don’t fall victim to these cyber criminals.”

promoted stories