Thanks to the Internet and wireless technology, freelancers can turn almost any place in the world into their workplace. But the speed and convenience of doing business online all the time carries special risks for the self-employed. That’s because they juggle multiple tasks and they may not have the budget to implement strong online security measures to detect and stop fraud. Even worse, freelancers may not be covered by the same fraud protection available to individual consumers. And if disaster strikes, they may not have the resources to recover.<
Online Bank Robbery Can Leave the Self-Employed Holding the Bag
Online banking is a prime example. Accountants advise the self-employed – freelancers and small businesses – to open a separate bank account for their business transactions. And most banks urge their customers to bank online. But what many people who work for themselves don’t know is that customers with business bank accounts may not be protected from loss the way individual consumers are when their online security is breached by hackers.
According to cbsnews.com, that’s what happened to a small Los Angeles import export business run by Fan Bao and his wife Cathy Huang. Bao lost $50,000 when Bank of America allowed the first of two fraudulent wire transfers from Bao’s business checking account to be sent to a bank in Croatia that he had never done business with. The bank didn’t get authentication for the transfer before it went through. Nevertheless it told Bao he was out the money because his loss was not the result of a breach in its security. According to the terms and conditions of Fan Bao’s business checking account, BofA didn’t have to make any special effort to detect errors in wire transfer requests. There was no other indication of hacking on any of the couple’s computers, according to Bao’s attorney Nada Alnajafi. So Bao sued Bank of America to recover the money he lost. The suit was ultimately settled out of court.
However the online security of Fan Bao’s business account was compromised, the FDIC says it’s important to understand that businesses of any size aren’t covered by federal consumer protections against unauthorized electronic funds transfers. That means a bank will not be responsible for reimbursing losses from the account if negligence on the part of the business played a role. That includes poor computer security and falling prey to online scams.
How Spear Phishing Catches Online Banking Customers Off Guard
Guardian Analytics, the online fraud prevention firm, says the most common cause of online banking fraud is a virus infecting the victim’s computer typically resulting from a spear-phishing attack. A common attack would begin with a consumer getting an email that appears to be from his bank, asking him to click on a link and visit a website. So if you have a small business, watch out! Organized crime rings operating mostly out of Eastern Europe target small businesses whose accounts aren’t typically covered by insurance as individual accounts are.
Watch Out for Who’s Minding Your Business at Wifi Hotspots
Wifi hotspots are another danger zone for the self-employed. Using free Wifi connections is a freelancer’s dream. But it could easily turn into your worst nightmare if someone hijacks your account information at a hotspot. That’s easy to do because the vast majority of hotspots are unsecured – meaning whatever business you’re doing becomes everybody else’s business. Once you get hacked at a hotspot, a cyber thief can do business in your name, stealing and selling, not only your confidential business information, but also your clients’. And that can end up costing your business big bucks. According to security and identity theft expert Robert Siciliano, laptops are one of the biggest data breach points. That’s why laptop data needs to be encrypted with VPN software wherever you do business.
Make It Your Business to Safeguard Your Online Security
∙ Make sure your firewall is turned on and your virus and malware protection software is up to date. Run scans frequently.
∙ Create a secure password for your WPA2 router that’s impossible for a hacker to guess or crack with a brute force attack. That means one with between 8 and 20 letters (upper and lower case), as well as some numbers and characters. Avoid using dictionary words, proper names, common phrases and consecutive numbers. Change your password often.
∙ Use different passwords for each one of your accounts and change them immediately if you suspect your online security has been compromised.
∙ If you have a business checking account, check with your bank about what your liability is for unauthorized electronic transactions. Does it have procedures in place to alert your company to fraud in a timely manner? Does it provide security tokens for business account holders?
∙ Avoid clicking on links or attachments in email requesting confidential financial information. Financial institutions and the IRS will never ask you for personal information online.
∙ Disable file sharing.
∙ Set up your wireless network as “access point” instead of “ad hoc” or
“peer to peer.” That will make your wireless network more secure by preventing it from connecting to rogue Wifi networks designed to steal your information.
∙ Turn off your wireless connection when you know you won’t be using it.
∙ Use VPN software like PRIVATE WiFi™ to encrypt the data traveling to and from your computer. That makes it invisible to hackers, so your business will be no one else’s business.
If your small business account was hacked, we’d like to hear what happened. Drop us a line and share your story.