Cybercrminals are stealing from small and medium businesses at an unprecedented rate.

Cyberthieves are cracking into the online bank accounts of small- and medium-sized businesses at an unprecedented rate.  Banks are failing to take proactive steps to protect their SMB customers, and, as a result, many SMBs are changing banks.



That’s what the Ponemon Institute and Guardian Analytics found in a survey of more than 500 executives and owners of SMBs in the U.S. These findings quantify the degree to which cyber crooks are wiring funds from online banking accounts. The study results, released today, show:

  • 55% of businesses reported experiencing fraud in the last 12 months, with 58% enabled by online banking activities.
  •  80% of banks failed to catch fraud before funds were transferred out of their institution.
  • In 87% of fraud attacks, the bank was unable to fully recover assets.
  •  57% of the respondents that experienced a fraud attack were not fully compensated by their banks.
  •  26% were not compensated for any part of their losses.
  •  40% of defrauded businesses moved their banking activities elsewhere.
  •  24% of businesses claim that their banks do not provide a policy explaining the bank’s responsibilities to secure and protect their companies’ accounts from fraud.
  •  39% are unsure if such a policy exists.

“The data is clear – financial institutions’ are failing to protect small and medium business assets,” says Terry Austin, CEO, Guardian Analytics. “This is crushing to the SMBs, which are at the heart of our economic recovery.”

Larry Ponemon, chairman and founder of the Ponemon Institute, says banks need to “evolve their definition of reasonable security and proactively invest in process and technology to better protect their online banking customers.”

At present, U.S. law allow banks to place the burden on business owners for keeping assets managed via online banking secure, says Juan Santana, CEO of Panda Security.

“The implications of this for SMBs are phenomenal,” says Santana. “Many of these are individuals with their personal assets closely tied to the company’s. SMBs are the companies most in need of protection but are those that are probably least aware of the threats.”

Via USA Today