Jun 9, 2011 09:05 GMT  ·  By

A judge has sided with the bank in the case of a construction company that fell victim to overseas fraudsters who siphoned money out of its account.

Back in May 2009, fraudsters managed to infect computers at Maine-based PATCO Construction Inc. with a trojan and as a result they obtained the company's online banking credentials.

Over the course of one week, almost $600,000 were transferred from the company's account at a rate of $100,000 per day to money mules around the country.

When the company finally noticed the fraudulent activity and alerted the bank, the financial institution was able to block and recall $240,000.

PATCO subsequently sued Ocean Bank for failing to stop the transfers despite its system flagging them as unusual. In addition, the company complained that the bank did not offer the "best" security measures available and relied only on usernames and passwords for authentication.

The judge sided with the bank and moved to dismiss the case because the law doesn't require financial institutions to provide the best security available on the market. However, he admitted that the bank could have done better at protecting its customers.

"It is apparent, in the light of hindsight, that the Bank's security procedures in May 2009 were not optimal," the judge wrote, according to BankInfoSecurity.

"The Bank would have more effectively harnessed the power of its risk- profiling system if it had conducted manual reviews in response to red flag information instead of merely causing the system to trigger challenge questions," he added.

Several similar cases are currently pending around the country as a result of the massive spike of ACH (Automated Clearning House) fraud during 2008 and 2009. However, business accounts don't enjoy the same protection as personal accounts do. There's no law forcing banks to reimburse companies for fraud.