What to know and how to protect:
Corporate Account Takeover occurs when a criminal obtains electronic access to your bank account and conducts unauthorized transactions. The criminal obtains electronic access by stealing the confidential security credentials of your employees who are authorized to conduct your corporate bank electronic transactions (wire transfers, Automated Clearing House [ACH], and others).
Losses from this form of cyber-crime range from tens of thousands to the millions, with the majority of these thefts not fully recovered. Corporate Account Takeovers have affected both large and small banks.
How does Corporate Account Takeover work?
Several methods are being deployed to steal your confidential security credentials:
- Phishing mimics the look and feel of a legitimate financial institution’s website, e-mail, or other communication. Users provide their credentials without knowing that a perpetrator is stealing their security credentials through a fictitious representation which appears to be their financial institution.
- Malware infects computer workstations and laptops via infected e-mails with links or document attachments. In addition, malware can be downloaded to a user’s workstation or laptop from legitimate websites, especially social networking sites. Clicking on the documents, videos, or photos posted there can activate the download of the malware. The malware installs key-logging software on the computer, which allows the perpetrator to capture the user’s ID and password as they are entered at the financial institution’s website. Other viruses are more sophisticated. They alert the perpetrator when the legitimate user has logged onto a financial institution’s website, then trick the user into thinking the system is down or not responding. During this perceived downtime, the perpetrator is actually sending transactions in the user’s name.
Top Best Practices to Avoid Corporate Account Takeover
Education is Key – Train your employees!
- A strong security program paired with employee education about the warning signs, safe practices, and responses to a suspected takeover is essential to protecting your company and customers.
- Employee education is effective in reducing the threat of an account takeover.
- Develop a formal security policy and train the employees on internet safety.
- Secure your computer and networks – Possibly dedicate one computer for online banking functions only, no emails or other internet browsing allowed.
- Install and Maintain Spam Filters
- Surf the Internet carefully
- Install and maintain real-time anti-virus and anti-spyware, desktop firewall, and malware detection and removal software. Use these tools regularly to scan your computer. Allow for automatic updates and scheduled scans.
- Install routers and firewalls to prevent unauthorized access to your computer or network. Change the default passwords on all network devices.
- Install security updates (patches) to operating systems and all applications as they become available.
- Block Pop-Ups
- Use strong password policies
- Do not use public Internet access points
- Use multi-layer security
- Make sure that your employees know how and to whom to report suspicious activity – both at your Company & your Bank
- Use Dual-Control with online banking transactions
- Monitor and Reconcile Bank Accounts Daily - especially near the end of the day
- Note any changes in the performance of your computer - dramatic loss of speed, computer lock-ups, unexpected rebooting, unusual pop-ups, etc.
- Do not open attachments from e-mail - Be on the alert for suspicious e-mail
The Account and Business Online Banking online service agreements detail what commercially reasonable security measures are required for your business. It is critical that you understand and implement the security safeguards in these agreements. If you don’t, you could be liable for losses resulting from a takeover.
- Consider Cyber-insurance
- Limit Administrative Rights - Do not allow employees to install any software without receiving prior approval.
When to contact the Bank:
- Contact the Bank if you suspect a Fraudulent Transaction
- Contact the Bank if you're trying to process an Online Wire Transfer or ACH Batch and you receive a Maintenance Page
- Contact the Bank if you receive an e-mail claiming to be from the Bank and it is requesting personal / Company information
Download the Incident Response Plan Checklist