Corporate Account Takeover

Stay alert to corporate account takeover threats!

Corporate Account Takeover

What is Corporate Account Takeover?

Email account compromise (EAC) or account takeover (ATO) are forms of online identity theft that occur when a fraudster gains unauthorized access to someone else’s account like a bank account, email account, or online shopping account. Once in, they can change information such as login credentials or the email address associated with the account in order to make unauthorized transactions. As more and more people are conducting their business online, online fraud is on the rise, including corporate account takeover. Additionally, since access to email accounts can also control password resets and suspicious activity alerts, t fraudulent account activity can easily occur without being detected.

How does it happen?

The last several Verizon Data Breach Investigations Reports have all found the use of stolen credentials as the most common way hackers gain unauthorized access to accounts. The 2020 Report includes insights from 3,950 confirmed breaches! Some of these attacks begin by sending phishing emails designed to look like a password reset request or links to fraudulent login pages enabling credential theft to occur. In addition, by clicking on links in phishing emails or texts, or by visiting a compromised website, employees could be unknowingly installing malware onto their home computers, malware that could be collecting usernames and passwords as they are entered. As you can see, cybercriminals can gain access to accounts in many ways.

Here are more examples of common methods used by fraudsters:

  • Insider knowledge. It isn’t difficult in today’s world to leverage social media to learn employees’ email addresses and company title, or even cellphone numbers, home addresses or birthdays. This information can be used to make phishing emails more targeted and convincing. Once credentials are stolen, they can easily be used to log in to online or mobile banking unless MFA is in place (see below).
  • Theft. Fraudsters can steal items like checks and account statements from outgoing mail, then use those to create new or access existing online accounts or order counterfeit checks.
  • Dark web. Fraudsters can purchase compromised or breached personal information sold through resources available on the dark web.
  • Card skimmers. Criminals can also install devices on ATMs and point-of-sale card readers to record credit and debit card information. The captured data can then be used to make fraudulent charges or create counterfeit payment cards

How can you Prevent Corporate Account Takeover?

We continue to enhance our online banking platform to provide you with the most secure access to your accounts, and look forward to giving you even more control of your security configuration in Q1 of 2021. In the meantime, here are some features you should take advantage of now within our business online banking platform.

Control Wire Transfer Accounts

Limit wire origination access to only the accounts that will be used to originate wires! To control the accounts wires can be originated from, simply select “Users” from the Commercial menu. Click the Edit option for the user. Click the “Assign Rights” button. Click on the Accounts tab. Turn off the withdrawal feature for the accounts that the user should not be allowed to send wires from. Turn on the withdrawal feature for the accounts the user can be allowed to send wires from.

You can also set up automatic alerts to notify you by phone, text message, or email each time a wire transfer is initiated. Each user has the ability to manage their own alert(s). To set up an alert, log into the System and select “Alerts” from the Settings menu. On the Alerts page, wire alerts can be created using the “New Alert” dropdown and selecting “Online Transaction Alerts”, or under “Security Alerts”.

You can also take advantage of multi-factor authentication, which requires a code delivered by token or SMS to log into online banking.  

ACH Origination Accounts

We also recommend that limiting ACH origination access to only the accounts that will be used to originate ACH transaction to reduce the risk of an unauthorized ACH transaction. To control the accounts ACH can be originated from, select Users from the Commercial menu. Click the “Edit” option for the user. Click the “Assign Rights” button. Click on the Accounts tab. Turn off the withdrawal feature for the accounts that the user should not be allowed to send ACH from. Turn on the withdrawal feature for the accounts the user can be allowed to send ACH from.

Dual Controls for Wire Transfers and ACH

With this optional feature, any wire transfer or ACH created by a user will require a review and approval by a second user. Please note that if you elect to use this feature, all wire transfers and/or ACH transactions initiated by users given access to these services by your designated Company Administrator must be reviewed by a second Company user before they can be sent out. You must call us at (805) 880-7606 if you want to enable either of these features.

ACH Origination Alerts

You have the ability to set up automatic alerts in to notify you by phone, text message, or email each time a wire transfer is initiated. Each user has the ability to manage their own alert(s). To set up an alert, log into the System and select “Alerts” from the Settings menu. On the Alerts page, ACH alerts can be created using the “New Alert” dropdown and selecting “Online Transaction Alerts”, or under “Security Alerts”.

What if you Suspect Identity Theft or Fraud on your Account?

If you see charges you don’t recognize on your account, or find that you can’t access your online banking with your user name and password, you should immediately alert your ARB relationship manager. Consider enrolling in Positive Pay or opening a new account if you believe your account number has been compromised. We also have card alerts you can take advantage of to alert you to debit card activity that is out-of-the norm.

Concerned that your personal information may have been stolen? The Federal Trade Commission maintains the IdentityTheft.gov website, which provides a step-by-step guide for both reporting and responding to identity theft. The FTC also maintains a blog, with helpful information on current scams, as well as when you should also considering filing a police report. You can also watch videos about how to report scams.

Other Resources for Businesses

Related products

Card image cap

ACH Origination

A convenient payment solution with lower costs and fast processing times.

Card image cap

Wire Transfers

Move cash confidently across the country or worldwide.

Card image cap

Online and Mobile Banking

Whether you need to check a balance, pay a bill, stop a payment, or order checks, online and mobile banking make it easy!