Criminals all around the world are targeting U.S. businesses. They are stealing online banking credentials and confidential information in what is called a Corporate Account Takeover. Criminals target all sized businesses, no matter how small. A criminal might not be able to find your location on a map, but they can find you on the Internet and through email.
HOW DO CORPORATE ACCOUNT TAKEOVERS HAPPEN?
Criminals use malicious software, commonly called malware, to infect business computers. Generally, malware is delivered in an email disguised as a legitimate request which urges the user to click on the link or activate an attachment. Users can also become infected from some websites. In most cases, the malware is sophisticated enough to infect the entire business network, allowing criminals to view everything the business does.
WHAT HAPPENS IF OUR COMPUTERS ARE INFECTED?
Infected computers and networks allow criminals complete access to all information, including when you log into your online banking platform. The malware allows criminals to monitor everything you do, capture your online banking credentials and know your online behavior. They use your credentials to initiate fraudulent transfers out of your accounts via wires, ACH, or by creating counterfeit checks. To your bank, it appears you are initiating the transfers because they are processed using your credentials. Businesses are often not aware of the infection until after their accounts are taken over and funds are stolen.
Criminal groups can also harvest valuable information from your network such as employee identities, patient information and credit card numbers. They sell this information on the black market. Criminals often monitor an infected business network for months to harvest as much information as possible before they take over the accounts.
WHAT CAN I DO TO PROTECT MY NETWORK AND ACCOUNTS?
There are many things for a business to consider when protecting their network. Some are simple, like running current, reliable Security Suites that include bot-net protection, anti-virus, anti-malware, anti-spyware, etc. Another, is to educate all computer users about the threats. You can find current threat information on the NACHA website. Always remember if an email seems suspicious, do not click on the links or open the attachments. Contact the sender by phone to verify the legitimacy of the email.
Contact Alliance Bank to discuss account security and other options that may be available to help protect your accounts. Your IT provider can also help you identify other ways to protect your network.
