What is corporate account takeover?
Corporate account takeover is a type of fraud scam where fraudsters gain access to a business’ finances and make unauthorized transactions such as:
- Wire transfers out of your business bank accounts
- Online transfers out of your business bank accounts
- Creating and adding new fake employees to payroll files
- Changing dollar amounts in a payroll file
- Editing bank account information in payroll files and diverting funds to fraud accounts
- Stealing sensitive customer and employee information from your business
How could corporate account takeover happen to my business?
- Corporate account takeovers are a threat and a cybersecurity concern for small businesses.
- Phishing emails, social engineering scams, malware and system hacking are a few ways these criminals can infiltrate your business. They target employees to gain access to a company’s internal network.
- The hackers can call and impersonate tech support or state they are working with a known member of your IT staff. They gain your trust and confidence causing you to release control of your computer and rather than helping you repair an issue; they create a major problem.
- They can also send you an email posing as your bank, vendor, customer, or fellow employee. Once you open the email and click on a link or attachment; malware is installed on the computer to provide criminals with access to login credentials and passwords. All done without you even knowing.
Don't allow your business to become an easy target. Follow these tips to help keep your business safe:
- Educate your employees – They may be your biggest vulnerability but also your first line of defense against corporate account takeover. Provide them with training on basic security threats, warning signs and email safe practices. Give them the tools to protect your business!
- Utilize dedicated workstations – Have separate computers for your banking and cash management processing.
- Protect your online environment - Only use secure Wi-Fi networks, do not access important information such as your bank account through public Wi-Fi networks. Encrypt sensitive data and keep up to date with your virus protection and firewalls on all computers.
- Password security – Do not allow your employees to share passwords. Do not leave login credentials out in the open for anyone to see. Use complex passwords that require multiple characters and change them periodically.
- Utilize dual control – Require two people to complete a wire transfer or ACH batch transaction. Your employee can do either action but not for the same transaction, meaning User A can create the transaction but User B will need to approve. This process helps reduce the risk of fraud but also decreases errors by having that secondary review.
- Monitor accounts – Utilize our secure business online banking site or mobile app to view your transactions and account balance daily. If you see anything that looks out of the norm, contact us at 888.366.6622.
- Utilize an anti-fraud tool such as Positive Pay – Our Positive Pay service has several low-cost options that can assist in minimizing exposure to check fraud and unauthorized electronic debits by allowing your business to review transactions before those items are paid. Positive Pay enables your business to stay one step ahead of the criminals.
Has your business been a victim of corporate account takeover?
Contact us immediately at 888.366.6622.