Corporate Account Takeover
Corporate Account Takeover is a type of business identity theft where cyber thieves gain control of a business' bank account by stealing employee passwords and other valid credentials. Thieves can then initiate fraudulent wire and ACH transactions to accounts controlled by the thieves. Heritage Bank is dedicated to helping educate customers on proper security protocol. The bank recommends the following to customers to help protect their account:
- Do not respond or open attachments or click on links in unsolicited emails. If a suspicious email appears to be from the bank, customers are encouraged to call the bank to verify.
- Do not click on pop-up messages that claim the machine is infected and offers software to scan and fix the problem.
- Block pop-ups
- Use/install and maintain spam filters
- Install and maintain anti-virus, anti-spyware, desktop firewall and malware detection and removal software.
- Use these tools to regularly scan the computer. Allow automatic updates and scheduled scans.
- Install routers and firewalls to prevent unauthorized access to the computer and/or network.
- Restrict computers used for online banking and payments. Computers used for online banking and payments should not be used for general web browsing, email and social networking.
- Do not leave computers with administrative privileges and/or computers with monetary functions unattended. Computers should be locked or shut down when the employee leaves the workstation.
- Install security updates to operating systems and all applications as they are available.
- Keep operating systems, browsers, and all other software and hardware up-to-date.
- Conduct regular backup copies of system and work files
- Encrypt sensitive folders with the operating system’s native encryption capabilities.
- Do not use public internet access points
- Pay attention to warnings like alerts of virus or expiration of anti-virus software
- Pay attention to cyber security threats and news
Online banking usage
- If possible, require dual-control to initiate ACH transfers.
- Do not share online banking log-ins. Cash management allows customers to set up multiple sub-users and control access for each user.
- Monitor and reconcile accounts on a regular basis; this should be conducted monthly at a minimum
Problems can be detected by staying aware of changes to computer performance
- Dramatic loss of speed
- Changes in the way things appear
- Computer locks up so the user is unable to perform any functions
- Unexpected rebooting or restarting of the computer
- Unexpected requests for a password or token in the middle of an online session
- Unusual pop-up messages
- New or unexpected toolbars and/or icons
- Inability to shut down or restart
React to Threats
- Immediately stop online activity after detecting a threat
- Disconnect Ethernet cable and/or any network connections
- Ensure employees know whom to report suspicious activity to at the company and bank.
- Contact the bank to take the following actions
- Temporarily disable online access
- Change internet banking passwords
- Open new accounts if account numbers are compromised or deemed necessary
- Ensure there have not been any new payees added to bill pay, address or contact information change requests, change to user access, new debit cards, checks or account documents mailed to another address.
- Maintain a written report of what happened, losses and steps take to report incident to various agencies
- If a loss occurred, file a police report and provide facts and circumstances surrounding the loss
- File a complaint online at www.ic3.gov
- Contact local field FBI Office www.fbi.gov/contact-us/field/field-offices
- Have a contingency plan to recover systems