What is business account takeover?
Business account takeover occurs when cyber criminals gain control of an account by stealing the business’ online banking credentials. Most commonly, they gain access by utilizing malware, commonly distributed via email links, phishing scams, social networking sites and malicious websites.
To get access to financial accounts, cybercriminals target employees, (often senior executives, accounting or Human Resources personnel and business partners) and trick the targeted individual into spreading malicious software (malware) which steals personal information and log-in credentials.
Once an account is compromised, the cybercriminal is able to electronically steal money from business accounts. These criminals also use various attack methods to exploit check archiving and verification services letting them issue counterfeit checks, impersonate customers to arrange funds transfers, copy legitimate communications from financial institutions to verify transactions, create unauthorized wire transfers and ACH payments, or initiate other changes to the account. In addition to targeting account information, cyber criminals also seek to gain customer lists and/or proprietary information.
How to help prevent business account takeover:
- Establish a business account risk management program
- Perform a risk assessment on medium- and high-risk business accounts
- Review annually the funds transfer program, remote deposit capture program, and other commercial online banking services
- Enhance your computer security and networks
- Minimize the number and restrict the functions of, computers that are used for online banking and payments
- Conduct online banking and payments activity from one dedicated computer that’s not used for other online activity
- Don’t leave computers with administrative privileges or monetary functions unattended unless logged off or locked. Log off or turn off and lock up computers when not in use.
- Use, install and maintain spam filters
- Educate your employees in fraud prevention:
- Bank of the West will never send customers emails asking for customer, user IDs, passwords, account numbers or other sensitive information
- Don't open attachments or links in unsolicited emails. If a message appears to be from your financial institution and requests account information, don’t click on the links, and don’t respond to it
- If you receive an email from a seemingly legitimate source (IRS, Better Business Bureau, Federal courts, UPS, etc.) contact the sender through a means other than the email, to verify their authenticity. Be wary of unsolicited or undesired email messages ("spam") and the links in them
- Be wary of pop-up messages claiming your computer is infected and offering software to scan and fix it. This could be malware that will give the fraudster remote access and control of your computer
- Install and maintain anti-virus and -spyware firewall and malware detection and removal software. Ensure that all security software for all computers is up to date
- Enhance the security of your processes and protocols:
- Implement dual custody. Initiate online payments under dual control using two separate computers. Reduce the risk of fraud and promote security by requiring two different users, each with their own user ID and password, to review and approve online transactions including: wire transfers, ACH, external account transfers, basic payroll payments and tax payments
- Positive Pay. Help protect your company from theft and fraud by keeping control of your disbursement process. Receive daily alerts to potentially fraudulent items. Improve audit capabilities and save time verifying checks issued against checks paid
- Monitor and reconcile transactions and accounts daily
- If you notice suspicious activity, stop all online transactions and remove from the network any computer systems that may be compromised
- Contact local law enforcement to file a report
If you notice suspicious activity on your Bank of the West accounts, call us at 1-800-488-2265. TTY 1-800-659-5495.
Corporate Account Takeovers Can Lead to Fraudulent Transactions