Corporate Account Takeover

The vast majority of cyber thefts begin with the thieves compromising the computer(s) of the business account holders. Perpetrators often monitor the customer’s email messages and other activities for days or weeks prior to committing the crime. The corporate customer is most vulnerable just before a holiday when key employees are on vacation. Another risk period is on a day the business office is relocating or installing new computer equipment. Employees may be distracted and think a problem conducting online banking is due to a new network or equipment.

Combating account takeover is a shared responsibility between businesses and financial institutions. Bankers can explain the safeguards small businesses need and the numerous programs available that help ensure fund transfers, payroll requests and withdrawals are legitimate and accurate.

What is Corporate Account Takeover?

Corporate account takeover is a type of fraud where thieves gain access to a business’ finances to make unauthorized transactions, including transferring funds from the company, creating and adding new fake employees to payroll, and stealing sensitive customer information that may not be recoverable.

Cybercriminals are targeting small businesses with increasingly sophisticated attacks. It is common for thieves to send emails posing as a bank, delivery company, court or the Better Business Bureau. Criminals use spoofed emails, malicious software and online social networks to obtain login credentials to businesses’ accounts, transfer funds from the accounts and steal private information, a fraud referred to as “corporate account takeover.”

How do I protect myself and my business?

A shared responsibility between First American Bank and the business is the most effective way to prevent corporate account takeover. We work with business clients to help them understand security measures needed within the businesses and to establish safeguards on the accounts that can help the bank identify and prevent unauthorized access to funds.

What you can do:

Protect your online environment

It is important to protect your cyber environment just as you would your physical location. Do not use unprotected internet connections. Encrypt sensitive data and keep updated anti-virus and anti-spyware protection on your computers. Change passwords from the default to something complex, including at point-of-sale terminals. Update anti-virus and anti-malware programs frequently. Update, on a regular basis, all computer software to protect against new security vulnerabilities (patch management practices). Adhere to dual control procedures. Use separate devices to originate and transmit wire/ACH instructions. Transmit wire transfer and ACH instructions via a dedicated and isolated device. Adopt advanced security measures by working with consultants or dedicated IT staff.

Partner with your bank for payment authentication

Talk to your banker about services that offer call backs, device authentication, multi-person approval processes, batch limits and other tools that help protect you from unauthorized transactions.

Pay attention to suspicious activity and react quickly

Put your employees on alert. Look out for strange network activity, do not open suspicious emails and never share account information. If you suspect a problem, disconnect the compromised computer from your network and contact your banker. Keep records of what happened. Practice ongoing account monitoring and reconciliation, especially near the end of the day.

Understand your responsibilities and liabilities

The account agreement with your financial institution will detail what commercially reasonable security measures are required in your business. It is critical that you understand and implement the security safeguards in the agreement. If you don’t, you could be liable for losses resulting from a takeover. Talk to your banker if you have any questions about your responsibilities. Utilize resources provided by trade organizations and agencies that specialize in helping small businesses.

Educate your employees

You and your employees are the first line of defense against corporate account takeover. A strong security program paired with employee education about the warning signs, safe practices, and responses to a suspected takeover are essential to protecting your company and customers. Provide continuous communication and education to employees using online banking systems. Provide enhanced security awareness training will help ensure employees understand the security risks related to their duties. Communicate to employees that passwords should be strong and should not be stored on the device used to access online banking.