What is Corporate Account Takeover?
Corporate account takeover is a type of fraud where thieves gain access to a business’ finances to make unauthorized transactions, including transferring funds from the company, creating and adding new fake employees to payroll, and stealing sensitive customer information that may not be recoverable.
Corporate account takeover is a growing threat for small businesses. In 2011, seventy two percent of data breach cases affected businesses with 100 employees or less1. It is important that businesses understand and prepare for this risk.
Cyber thieves target employees through phishing, phone calls, and even social networks. It is common for thieves to send emails posing as a bank, delivery company, court or the Better Business Bureau. Once the email is opened, malware is loaded on the computer which then records login credentials and passcodes and reports them back to the criminals. ALERT:
to access a January 2013 warning from the Federal Trade Commission (FTC) regarding a fake email purporting to come from the FTC. Opening attachments or links in this email may expose the users' computers to viruses or spyware.
Employee Education is Essential, but is Missing the Mark
You and your employees are the first line of defense against corporate account takeover. A strong security program paired with employee education about the warning signs, safe practices, and responses to a suspected takeover are essential to protecting your company and customers.
Ninety two percent of respondents to a recent survey indicated employee education of small business employees was effective in reducing the threat of account takeover2. However, nearly 80 percent of respondents to a small business survey said they had no formal internet security policy, with almost half indicating they provide no internet safety training to employees3.
How do I protect myself and my small business?
The best way to protect against corporate account takeover is a strong partnership with your financial institution. Work with your bank to understand security measures needed within the business and to establish safeguards on the accounts that can help the bank identify and prevent unauthorized access to your funds.
A shared responsibility between the bank and the business is the most effective way to prevent corporate account takeover. Consider these tips to ensure your business is well prepared: