Corporate Account Takeover Fraud
First identified in 2005, Corporate Account Takeover is a type of corporate identity theft in which cyber thieves steal business’ valid online banking credentials or hijack browser sessions to access a customer’s account.  Once the cyber thief gains access to an account, they can conduct unauthorized transactions, change contact information, and gather information on the account’s history to commit other crimes.

In the beginning, banks were targeted for this fraud; however, as banks have strengthened their security, the cyber thieves set their sights on a new target: the corporate customer.  Cyber thieves target employees and businesses of all sizes through phishing and other social engineering attacks with the goal of enticing them to download and spread malware that will allow unauthorized access to financial accounts and other sensitive information.

Banks must protect themselves by increasing internal awareness of this fraud, enhancing the ability to monitor for and detect it, and developing a response plan to address it. Most importantly, since banks cannot control the security of their customers’ devices, they must work to educate their clients of the risks and how they can protect themselves.

ABA is committed to addressing this issue through its participation on various collaborative working groups involving other industry associations, regulators, and law enforcement. As a participant within the Financial Services Information Sharing Center’s (FS-ISAC) Account Take Over Task Force (ATO-TF), the ABA assisted in the development of resources designed to educate banks and their retail and corporate clients about this fraud.  See the “Publications” section for more information.

Regulatory Guidance

• FFIEC Supplement to Authentication in an Internet Banking Environment (June 2011)
• FAQ on FFIEC Guidance on Authentication (August 2006)
• The FFIEC Guidance on Authentication (October 2005)
• Financial Crimes Enforcement Network (FinCEN) Advisory: Identifying Account Takeover Activity (December 2011)

Publications

 = ABA Members Only

• Presentation: Defending Against Corporate Account Takeover (December 2012)
• FS-ISAC ATO Task Force Paper: How Financial Institutions Can Protect Against, Detect, and Respond To Corporate Account Takeover (September 2012)
• FS-ISAC ATO Task Force Advisory: How Corporate Customers Can Protect Against, Detect, and Respond To Corporate Account Takeover (Updated April 2012) 
• FS-ISAC ATO Task Force Advisory: Anticipated Increase in Accounts Opened by Visiting Student sand Tourists to Facilitate Fraud (April 2012) 
• FS-ISAC ATO Task Force Advisory: Fraud Advisory for Banks and Credit Unions-Growing Internet Auto Fraud Facilitated via Wire Transfers (Updated April 2012)
• FS-ISAC ATO Task Force Advisory: Fraud Advisory for Consumers-Involvement in Criminal Activity through work From Home Scams (Updated April 2012)
• FS-ISAC ATO Task Force Advisory: Fraud Alert Involving E-mail Intrusions to Facilitate Wire Transfers Overseas (January 2012) 
• FS-ISAC ATO Task Force:Online Fraud Detection White Paper (February 2012) 
• FS-ISAC ATO Task Force: Account Takeover and Online Fraud Response White Paper (June 2011) 
• NACHA ACH Operations Bulletin:Corporate Account Takeovers Can Lead to Fraudulent Transactions (December 2009)
• Identity Theft Study Supplement on "Account-Hijacking" Identity Theft  (July 2005)
  

ABA Resources

• See the ABA’s Internet Security site for publications related to phishing, identity theft and more.
• See ABA's Small Business Guide to Corporate Account Takeover

• Findings: FS-ISAC Account Takeover Survey (January 2013)
• Press Release: Findings from FS-ISAC Account Takeover Survey Now Available (January 2013)
• Testimony of Michele B. Cantley, Chief Information Security Officer, Regions Bank on On Behalf of the The Financial Services Information Sharing & Analysis Center Before the United States House of Representatives Capital Markets and Government Sponsored Enterprises Subcommittee (June 2012)
• Findings: FS-ISAC Account Takeover Survey  (June 2012)
• Listing of Business and General Cybersecurity Resources

ABA Endorsed Solutions

• Information Security and Data Loss Prevention
• Identity Verification Tool-Instant ID
• InstantID Q
• AML and ATF Transaction Monitoring Solution
• Anti-Fraud Solution Suite

Updated: January 10, 2013

​Questions? Please contact Heather Wyson for additional information.