Technology’s Dark Side: How to Prevent ACH Fraud

The convenience of instantaneous information can blind us to technology’s drawbacks, including cyber attacks and data breaches. But there’s another, lesser-known technology-enabled crime to watch for — Automated Clearing House (ACH) fraud.

What is it?

Consumers use the ACH network to make electronic payments directly from their checking or savings accounts to other parties’ accounts, eliminating the need to pay bills with paper checks or physical credit cards. Likewise, companies use it for business-to-business transactions and to pay their employees, contractors and vendors.

Businesses of all sizes can become ACH fraud victims, but small to midsize ones may be most vulnerable. Even when they have substantial financial assets, these companies typically have fewer up-to-date information security measures in place.

How is it perpetrated?

Perpetrators need only obtain an account number and bank routing number to commit ACH fraud. This can be accomplished through:

  • Phishing (tricking email recipients into divulging personal data),
  • Legitimate but hacked websites,
  • Malware, and
  • Account hijacking.

For example, a thief might launch phishing attacks against a bank’s customers. When recipients click on the link in the fake email, they’re taken to a phony bank website and prompted to enter their login information. Thieves capture that information and use it to access online banking accounts, and then initiate ACH payments to their own accounts at a different bank. Finally, the funds are transferred by wire to a third (in most cases, offshore) bank.

What can you do?

No single defense will protect every individual and business that uses the ACH. But some simple steps can reduce risk. First, install firewalls and antivirus, antispyware, and antimalware software on computers and keep these programs updated. Also, ensure that computers, smartphones and networks require complex passwords that must be changed frequently. Finally, ignore unsolicited emails with attachments, links in the body of the message and pop-ups that request personal information.

Using a separate browser for online banking purposes, checking bank accounts daily for unauthorized activity and accessing financial websites only by entering the URL also help. And consumers and employees should pay attention to computers that have slowed down or that repeatedly reboot. These issues can indicate the presence of malware or a virus.

Reducing vulnerability

With a bit of care, you can reduce the risk of ACH fraud and ensure your everyday transactions go forward unimpeded. Contact us for more information.

How can we help?

DISCLAIMER: This blog is provided for informational purposes only and is not a substitute for obtaining accounting, tax, or financial advice from a professional accountant. Presentation of the information in this article does not create nor constitute an accountant-client relationship. While we use reasonable efforts to furnish accurate and up-to-date information, the evolving landscape surrounding these topics is supported by regulations or guidance that are subject to change.

We Value Your Privacy

This site may use cookies to store information on your computer. Some are essential to make our site work and others to improve the user experience. By using this site, you consent to the placement of these cookies and accept our privacy policy.