There have been many articles over the past year about hackers using “Automated Clearing House” fraud to steal money from small and medium-sized businesses. The basic premise is that a hacker will compromise the machine that handles bank transactions for your company and steal money directly from your business account.

I would distill my advice down to one key step:  Designate a secure machine to do bank transactions that isn’t used for anything else. Don’t use this machine to browse the internet, check e-mail, or open any documents  not necessary to complete transactions.  When we talk about a secure machine, it should of course have all updates, anti-virus, etc.   It would also be preferable to have this machine on an isolated network.  Putting it behind a simple broadband router would provide a lot of benefit for little cost.   Even internal networks should be considered suspect in this sort of situation.

Here is another article for further reading: