Cyberthieves steal hundreds of millions of dollars a year from the bank accounts of U.S. businesses. Many business owners are discovering their bank is not required to make them whole.

Next time you hear a commercial from a bank touting how friendly it is to small businesses, re-read or re-play this story from John Ydstie of NPR’s Morning Edition.

In it, he shares the alarming stories of several business owners whose bank accounts were hacked by cyberthieves, but whose banks refused to reimburse them.

Why? Because they don’t have to. No kidding.

“Individuals are pretty well-protected when it comes to fraudulent transfers from their bank accounts. Regulation E of the Electronic Fund Transfer Act requires banks to bear the burden in most circumstances. That’s not the case for small businesses, even if they’re owned by a single person.” – John Ydstie (NPR)

The law does require banks, under the Uniform Commercial Code, to offer business customers a “commercially reasonable” security protocol. If the bank follows that protocol, it can refuse to reimburse businesses that are victims of fraudulent money transfers.

And before you start thinking this couldn’t be that big a problem, it’s big and growing. The most recent FBI data show a huge growth in this kind of fraud against businesses. More than 8,000 companies have been victimized over the past two years. Their losses total nearly $800 million.

(Continue reading on “When Cyber Fraud Hits Businesses, Banks May Not Offer Protection“)

 Photo: Thinkstock



Related Articles

Why You Should Still Use a Password Manager

A breach of a password management system provides another opportunity to explain how a password management service is better than other methods.

Advice From Google on Avoiding Scams Directed at Small Businesses

A wide range of warnings for avoiding scams from con-artists claiming to be from Google.

More Tips for Actively Managing Your Passwords

More helpful tips and ideas for managing your passwords.

What Small Business Customers Should Know and Do About the JPMorgan Chase Cyberattack

From the bank’s SEC filing and information provided on, this is what is currently known about the cyberattack and what the bank is recommending to its customers.

How Hackers Use ‘Social Engineering’ and How to Prevent It

Following the recent wave of celebrities having online accounts hacked, here is an explanation of “social engineering,” part of the method the cyber criminals likely used.

Ten Tips From the FCC for Improving Your Small Business Cyber Security

Ways to improve your small business cyber security from the U.S. Federal Communications Commission.

Password Protection Advice from

Username and password protection is an ongoing requirement for small businesses. Here is a roundup of helpful advice on internet security and password management that has appeared recently on

Ebay Asks 145 Million Users to Change Passwords

Ebay is asking its 145 million users to change their passwords because of a cyberattack that compromised a database containing encrypted passwords “and other non-financial data.”

What is Two-Step Verification and Why You Should Start Using Them

It’s incredibly easy and fast to use a two-step verification method to protect your online accounts. Here’s how they work and why you should use them.

How (and Why) to Use a Password Management Application

A lock on your front door doesn’t do you any good if you keep the key under the mat, just like the best security on the web won’t protect you if you have the same bad password on every site you visit.

How to Reduce the Odds of Being Hacked While Using Public Wifi

Getting in a solid work session at the local coffee shop may be a tempting idea, but it has its risks. Like getting your personal information stolen because you were careless on a public network.