Corporate Account Takeover
“Corporate Account Takeover” is when cyber-criminals gain control of a business’ bank account(s) by stealing an employee’s valid online banking credentials.
What is Corporate Account Takeover?
Criminal entities employ various methods to obtain access to the legitimate banking credentials from businesses, including mimicking an institution’s website, using malware and viruses to compromise the business’ system, or using social engineering to defraud employees into revealing security credentials or other sensitive data.
For example, a business’ systems may be compromised by:
- An infected document attached to an email
- A link within an email that connects to an infected website
- Employees visiting legitimate websites – especially social networking sites – and clicking on the infected documents, videos, or photos posted there.
- An employee using a flash drive that was infected by another computer
In each case, fraudsters exploit the infected system to obtain security credentials that they can use to access a company’s business accounts. The criminal can then initiate funds transfers by ACH or wire transfer to the bank accounts of associates. Access to the computers of the business may also allow sensitive customer information to be stolen or destroyed.
How do I limit the risk of Corporate Account Takeover in my Business?
Your employees are the first line of defense against Corporate Account Takeover. Employee education and a strong security program can help prevent data and financial losses. Here are controls that may help mitigate your risk.
- Perform online banking activities from a stand-alone computer system from which email and Web browsing are not allowed.
- Be suspicious of emails purporting to be from a financial institution, government department or other agency requesting account information, account verification or banking access credentials such as usernames, passwords, PIN codes and similar information. Opening file attachments or clicking on web links in suspicious emails could expose the system to malicious code that could hijack your computer.
- Install a dedicated, actively managed firewall, especially if your business has a broadband or dedicated connection to the Internet, such as DSL or cable. A firewall limits the potential for unauthorized access to a network and computers.
- Create strong passwords with at least 10 characters that include a combination of mixed case letters, numbers and special characters.
- Prohibit the use of “shared” usernames and passwords for online banking systems and never share password information with third-party providers. The bank will never ask you for your online banking credentials in an unsolicited telephone call or email.
- Use a different password for each Web site that is accessed.
- Limit administrative rights on users’ workstations to help prevent the inadvertent downloading of malware or other viruses.
- Limit user access rights to only the functions they will need to complete their work tasks.
- Educate employees on good cyber security practices to include how to avoid having malware installed on the business computer.
- Install commercial anti-virus and desktop firewall software on all computer systems. Free software may not provide the same protection against the latest threats as an industry-standard product.
- Ensure virus protection and security software are updated regularly.
- Ensure computers are patched regularly with security patches, particularly the operating system and key applications. It may be possible to sign up for automatic updates for the operating system and many applications.
- Reconcile your banking transactions on a daily basis. Be sure to report any suspicious activity or unauthorized transactions on your account to the bank as soon as possible at (606) 287-8484.
- Consider using dual control when processing high risk transactions such as ACH and wire transfer payments. One authorized user would enter transactions while another authorized user would approve and transmit the transactions.
- Verify use of a secure session (https:// not http://) in the browser for all online financial transactions, including online banking.
- Avoid using automatic login features that save usernames and passwords for online banking.
- Never leave a computer unattended while using any online banking or investing service.
- Never access bank or other financial services information at Internet cafes, public libraries, etc. Unauthorized software may have been installed to capture account numbers and sign-on information, leaving the customer vulnerable to fraud.
- Properly log out of each online banking session and close all browser windows. Simply closing the active window may not be enough.
- When finished with the computer, turn it off or disconnect it from the Internet.
- Consider utilizing a security expert to test the network or run security software that will aid you in identifying known vulnerabilities.
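As an added illustration of the dual-control item above (example code written for this page, not the bank's own system): a minimal maker/checker queue in which the user who enters an ACH or wire payment can never be the one who approves and transmits it, with a plain audit trail that supports the daily reconciliation item. User names, payment types and the approver list are constructed for the example.

```python
from dataclasses import dataclass
from typing import Optional

# Transaction types the page treats as high risk (labels are assumed for the example).
HIGH_RISK_TYPES = {"ACH", "WIRE"}

@dataclass
class Payment:
    payment_id: str
    kind: str                    # "ACH", "WIRE", or a lower-risk type such as "BILLPAY"
    amount: float
    entered_by: str              # user who keyed the transaction (the "maker")
    approved_by: Optional[str] = None
    transmitted: bool = False

class DualControlQueue:
    """Maker/checker workflow: a high-risk payment is transmitted only after a
    second, separately authorised user ("checker") approves it."""

    def __init__(self, approvers):
        self.approvers = set(approvers)   # users holding the approve/transmit right
        self.audit = []                   # audit trail reviewed during daily reconciliation

    def enter(self, payment_id, kind, amount, user):
        payment = Payment(payment_id, kind, amount, user)
        self.audit.append(f"ENTERED {payment_id} {kind} {amount:.2f} by {user}")
        return payment

    def approve_and_transmit(self, payment, user):
        if payment.transmitted:
            self.audit.append(f"REJECTED {payment.payment_id}: already transmitted")
            return False
        if payment.kind in HIGH_RISK_TYPES:
            if user not in self.approvers:
                self.audit.append(f"REJECTED {payment.payment_id}: {user} lacks approve right")
                return False
            if user == payment.entered_by:
                # Core dual-control rule: the maker can never act as the checker.
                self.audit.append(f"REJECTED {payment.payment_id}: {user} entered it")
                return False
        payment.approved_by = user
        payment.transmitted = True
        self.audit.append(f"TRANSMITTED {payment.payment_id} approved by {user}")
        return True

def demo():
    q = DualControlQueue(approvers={"alice", "bob"})   # constructed sample users
    wire = q.enter("W-1", "WIRE", 25000.00, "alice")
    self_approved = q.approve_and_transmit(wire, "alice")   # blocked: same person
    return self_approved, q.approve_and_transmit(wire, "bob"), q.audit
```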