What is Corporate Account Takeover?
“Corporate account takeover” is when cyber-thieves gain control of a business’ bank account(s) by stealing the business’ valid online banking credentials. Although there are several methods being employed to steal credentials, the most prevalent involves malware that infects the business’ computer workstations and laptops.
A business can become infected with malware via infected documents attached to an email or a link contained within an email that connects to an infected Web site. In addition, malware can be downloaded to users’ workstations and laptops by visiting legitimate Web sites - especially social networking sites - and clicking on the documents, videos or photos posted there. This malware can also spread across a business’ internal network.
Recommendations to Business and Corporate Customers
Although Guaranty Bank & Trust uses technologies to prevent, detect and respond to fraudulent transactions, there are additional controls that you can institute within your organization to further reduce the risk of Corporate Account Takeover and fraud.
- Reconcile your banking transactions on a daily basis.
- Initiate ACH and wire transfer payments under dual control, with a transaction originator and a separate transaction authorizer.
- Employ best practices to secure computer systems in their business including but not limited to:
- If possible, carry out all online banking activities from a stand-alone, hardened and completely locked down computer system from which e-mail and Web browsing are not possible.
- Be suspicious of emails purporting to be from a financial institution, government department or other agency requesting account information, account verification or banking access credentials such as usernames, passwords, PIN codes and similar information. Opening file attachments or clicking on web links in suspicious emails could expose the system to malicious code that could hijack your computer.
- install a dedicated, actively managed firewall, especially if the business has a broadband or dedicated connection to the Internet, such as DSL or cable. A firewall limits the potential for unauthorized access to a network and computers.
- Create strong passwords with at least 10 characters that include a combination of mixed case letters, numbers and special characters.
- Prohibit the use of “shared” usernames and passwords for online banking systems.
- Use a different password for each Web site that is accessed.
- Change the password a few times each year.
- Never share username and password information for Online Services with third-party providers.
- Limit administrative rights on users’ workstations to help prevent the inadvertent downloading of malware or other viruses.
- Educate employees on good cyber security practices to include how to avoid having malware installed on the business computer.
- Install commercial anti-virus and desktop firewall software on all computer systems. Free software may not provide protection against the latest threats compared with an industry standard product.
- Ensure virus protection and security software are updated regularly.
- Ensure computers are patched regularly particularly operating system and key application with security patches. It may be possible to sign up for automatic updates for the operating system and many applications.
- Consider installing spyware detection programs.
- Clear the browser cache before starting an Online Banking session in order to eliminate copies of web pages that have been stored on the hard drive. How the cache is cleared will depend on the browser and version. This function is generally found in the browser's preferences menu.
- Verify use of a secure session (https:// not HTTP://) in the browser for all online financial transactions, including online banking.
- Avoid using automatic login features that save usernames and passwords for online banking.
- Never leave a computer unattended while using any online banking or investing service.
- Never access bank, brokerage or other financial services information at Internet cafes, public libraries, etc. Unauthorized software may have been installed to trap account number and sign on information leaving the customer vulnerable to possible fraud.
- Properly log out of each online banking session and close all browser windows. Simply closing the active window may not be enough.
- When finished with the computer, turn it off or disconnect it from the Internet.
Also, consider utilizing a security expert to test the network or run security software that will aid you in identifying known vulnerabilities.
Consumer account holders receive protections from errors relative to electronic funds transfers under Regulation E; however, we want to make you aware that Regulation E does not cover Business accounts.
The alerts and notifications offered by the bank are designed as flags to warn you if your system may have been compromised and we strongly encourage you to take advantage of them.
Warning signs that your system/network may have been compromised include:
- Inability to log into online banking (thieves could be blocking customer access so the customer won’t see the theft until the criminals have control of the money)
- Dramatic loss of computer speed
- Changes in the way things appear on the screen
- Computer locks up so the user is unable to perform any functions
- Unexpected rebooting or restarting of the computer
- Unexpected request for a one time password (or token) in the middle of an online session
- Unusual pop-up messages, especially a message in the middle of a session that says the connection to the bank system is not working (system unavailable, down for maintenance, etc.)
- New or unexpected toolbars and/or icons; and Inability to shut down or restart the computer
Contact the bank immediately if you suspect your network may have been compromised. Call (888) 572-9881 and ask for the Internet Banking Department.