$200,000 Stolen from Body Shop in Online Banking Scam - BodyShop Business

$200,000 Stolen from Body Shop in Online Banking Scam

What looked like a run-of-the-mill error message on an online banking site turned out to be part of a scam to rob businesses of thousands of dollars. Clarke Collision Center of Hudson, Ohio, lost $200,000 from its accounts with Fifth Third Bank recently, simply by logging into its bank account online.

An employee of the collision center logged in to the shop’s online bank account, entering a username, password and a special passcode generated by the site to increase online security. However, after the information was entered, a page appeared saying the bank’s site was temporarily unavailable. When the employee called a customer service number provided on the page, she discovered it was out of service and became suspicious, according to online security blog Krebs on Security.

It turns out that malicious software, or malware, had been installed on Clarke Collision’s computer without the shop’s knowledge, enabling a hacker to access the shop’s bank account information online while displaying a phony error page on the shop’s computer. After finding the bank’s real customer service phone number, the shop employee discovered that $200,000 had been wired out of the shop’s bank accounts to accounts in the U.S. and overseas.

“She reported it to the bank at 9 a.m. that morning,” security consultant Craig Kintz, who assisted the shop with the case, told Krebs on Security. “By 11:30 a.m., the bank had frozen all of the company’s accounts, but by that time those accounts had all been emptied.”

Luckily, Fifth Third Bank was able to stop payment on many of the pending transfers and refunded the shop the rest of the stolen money. However, the bank says many other businesses were also targeted that day.

Blog author and computer security expert Brian Krebs noted in a subsequent post that small business takes on a huge liability when banking online because banks aren’t legally obligated to reimburse funds lost to fraudulent activity.

“Businesses do not have the same protection against fraud that consumers enjoy,” Krebs wrote. “Indeed, most companies that get hit with this type of fraud quickly figure out that their banks are under no legal obligation to reimburse them.”

In the third quarter of 2009 alone, more than $25 million was stolen from small to mid-sized businesses in online banking scams similar to what Clarke Collision experienced.

More information:

Krebs on Security archives on online threats to small businesses

You May Also Like

Cruise Postpones Release of Driverless Taxi Service

Cruise, a GM subsidiary, recently announced that it will miss its goal of launching a large-scale self-driving taxi service in 2019.

Cruise, a GM subsidiary, recently announced that it will miss its goal of launching a large-scale self-driving taxi service in 2019. Cruise CEO Dan Ammann said the company plans to dramatically increase the number of its autonomous test vehicles on the road in San Francisco, but will not be offering rides to regular people this year, according to an article from The Verge.

Cutting Edge Automotive Solutions Partners with Andretti Rallycross

Andretti Rallycross announced that Cutting Edge Automotive Solutions will serve as technical partner on Cabot Bigham’s No. 02 OINK Clothing Beetle for the remainder of the 2019 Americas Rallycross season, showcasing their SP Tools USA brand.

Ford, Volkswagen Expand Collaboration to Include Autonomous, Electric Vehicles

Ford Motor Company and Volkswagen AG announced they are expanding their global alliance to include electric vehicles – and will collaborate with Argo AI to introduce autonomous vehicle technology in the U.S. and Europe.

CCAR Updates Website with More OSHA Alliance Resources

CCAR (Coordinating Committee For Automotive Repair) has announced the addition of new Occupational Safety and Health Administration (OSHA) Alliance content on its main website, www.ccar-greenlink.org.

CARSTAR McLaren Lake Forest and CARSTAR McLaren Irvine Open in California

Owned by husband-and-wife team James and Mary Davis, CARSTAR McLaren Lake Forest and CARSTAR McLaren Irvine are a family business.

Other Posts

CIECA to Offer Webinar on What Businesses Need to Know to Implement CIECA Standards

CIECA will hold its next CIECAst webinar, “Implementing CIECA Standards: Implementation Guide and Appendix C – BMS, Code Lists and Shema Components,” on Tuesday, Dec. 11, 2018 at 11 a.m. CST.

CARSTAR Urges Customers to Stay Winter Ready

Cold weather can create some of the harshest driving conditions of the year. The months between October and February top the list for accidents, vehicle damage and injuries.

CIECA Adds Broadly as Corporate Member

The Collision Industry Electronic Commerce Association (CIECA) announced that Broadly has joined CIECA as a corporate member.

NABR Launches BillableGenie Online Searchable Database of Insurer-Paid Not-Included Procedures

National AutoBody Research (NABR) has announced the launch of its BillableGenie online service, an independent, centralized source of actual data on insurer paid not-included procedures and operations, labor rates, labor rate concessions and other manually entered estimate line items.