The daily operations of business increasingly rely on technology. A greater reliance on technology increases exposure to cyber-attacks. Risks range from data breaches and interruptions in operations, to fraudulent activity with your business banking account.
The most threats result from social engineering (phishing) and ransomware attacks. In these situations, employees are the target through their daily phone calls, emails or face-to-face interactions.
For a business, employees and online users of bank accounts are often the most vulnerable. Below you’ll find best practices to help mitigate the risk of your business falling victim to an attack.
Best practices for business online banking users
Let's start with a few simple tips for online banking users that can maximize your business' safety.
- Treat unsolicited emails with caution and never click on unknown website links. When in doubt, delete the email or call the sender to verify they sent the message before clicking anything. Attackers often use unsolicited emails to infect a computer with ransomware, preventing users from accessing their system and online banking platforms until a payment is made.
- Require separate login credentials for system administrators. To reduce the risk of an administrative ID becoming compromised, online banking administrators should create separate, unique user IDs for day to day banking activities, only using the administrative ID for user maintenance.
- Use strong passwords. Consider passphrases over passwords by thinking of the lyrics to your favorite song. Use the chorus and mix in a special character to create a secure and strong password. Check out the INTRUST Security Center for more tips on strong passwords.
- Never provide your password to anyone. INTRUST Bank or any credible vendor will never ask for your secure information. It is important to keep passwords secure by never storing them on a piece of paper or an unencrypted computer file, like a Word document. Consider using a password manager to store your passwords.
Increase your protection with online and mobile banking
Taking additional precautions to monitor bank accounts with Business Online and Mobile Banking can minimize the risk of an attack. Use these resources to keep accounts secure.
- Consider additional online protection to prevent check or ACH fraud with Positive Pay:
- ACH Positive Pay reduces fraudulent transactions by automatically filtering unauthorized ACH debit transactions using criteria setup by your online banking administrator. Administrators will receive an email alert if unusual activity takes place, allowing for an easy review of the transaction to determine whether to pay or block the debit.
- Check Positive Pay performs a daily reconcilement of issued checks against those that were actually presented for payment. If a check doesn't match, your system administrator will receive an email alert and have the ability to reject payment if necessary.
- Monitor ACH transactions, wire transfers and bill payments within online and mobile banking. Look for suspicious activity on statements and verify the source of all debits.
- Use alerts to identify unusual activity with real-time notifications for posted ACH transactions, balance thresholds or changes to an administrator's contact information.
Steps to take if you detect fraud
If you suspect someone is trying to gain access to your online banking information, immediately notify INTRUST Bank's Treasury Service Department. For more resources on how to protect your business from cyber risks, visit the INTRUST Security Center.