Corporate Account Take Over (CATO)
What is Corporate Account Takeover (CATO)?
Corporate Account Takeover is a type of business identity theft in which a criminal entity steals a business’s valid online banking credentials. Small to mid-sized businesses remain the primary target of criminals, but any business can fall victim to these crimes. Attacks today are typically perpetrated quietly by the introduction of malware through a simple email or infected website. For a business that has low resistance to such methods of attack, the malware introduced onto its system may remain undetected for weeks or even months.
What is malware?
Short for “malicious software”, malware is software designed to infiltrate a computer system without the owner’s informed consent. Examples include viruses, worms, Trojan horses, spyware, dishonest adware, crimeware, etc.
Where does it come from?
Sources include malicious websites (social media sites among them), email, and ads served by popular websites. Some experts believe email is the biggest security threat of all: it has been the fastest and most effective method of spreading malicious software to the largest number of users. A good rule of thumb is to include in an email only information that you would feel comfortable sharing with a stranger.
What to do?
Introducing layered security processes and procedures can help protect businesses from criminals seeking to drain accounts and steal confidential information. These increased security procedures may help reduce the number of incidents and mitigate the financial losses and reputational damage that can result from such attacks.
No single security measure alone is likely to be effective in preventing or mitigating all risks associated with Corporate Account Takeover. Similarly, some of these sound business practices may not be appropriate for or applicable to all businesses. Accordingly, each business must identify its own risks and design and implement appropriate security measures to prevent and mitigate risks associated with Corporate Account Takeover.
Sound business practices for entities suggested by Chelsea Savings Bank are outlined in the next pages.
Layered System Security - Use appropriate tools to prevent and deter unauthorized access, and review those tools periodically to ensure they are up to date. These tools include:
Install robust anti-virus and security software for all computer workstations and laptops and ensure that such software is automatically patched regularly and remains current.
Implement multi-layered system security technology. Anti-virus software alone will not protect a business from most threats. Layering security software constructs a multi-level barrier between businesses’ networks and criminals attempting to access such networks.
Implement security suites so all security options (i.e., firewall, anti-virus, anti-spyware, anti-malware, etc.) work harmoniously to provide superior protection.
Online Banking Safety
Create a secure financial environment by dedicating one computer exclusively for online banking and cash management activity. This computer should not be connected to the business network, have email capability, or connect to the Internet for any purpose other than online banking. Disallow any use for general Web browsing and social networking.
Educate all employees about cybercrimes so they understand that even one infected computer can lead to an account takeover. All employees, even those with no financial responsibilities, should be educated about these threats.
Educate all employees to think critically about each email and phone call received. An employee should always ask “Does this email or phone call make sense?”
A business should advise its employees to:
Block access to unnecessary or high-risk websites. Common sites that carry high risk include adult entertainment, online gaming, social networking and personal email.
Promptly deactivate or remove access rights of employees who no longer require access (e.g., inactive, transferred or terminated employees).
Require all employees to use strong passwords and change their passwords frequently on both the computer and online banking application.
In some cases a business may determine it is appropriate to utilize a “white-listing” tool to limit employees’ access to only websites that the business has reviewed and deemed safe.
Establish a separate user account for every computer user and limit administrative rights. Many malware programs require network administration privileges to infect the computer, so performing day-to-day work under standard "user" settings helps avoid unintentionally downloading a credential-stealing program.
Stay informed about defenses to Corporate Account Takeover. Since cyber threats change rapidly, it is imperative that all businesses stay informed about evolving threats and adjust security measures in a timely manner. Among other things, this can be achieved by connecting with alert groups and with business and industry resources about threats and frauds.
Initiate payments under dual control, with assigned responsibility for transaction origination and authorization. Dual control involves file creation by one employee with file approval and release by another employee on a different computer.
Reconcile accounts online daily, or at a minimum review pending electronic activity daily.
Take advantage of appropriate account services offered by the business's financial institution. Financial institutions offer a variety of services including debit blocks, Falcon Monitoring, call-backs, etc. Please contact Chelsea Savings Bank about the monitoring services it provides.
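The dual-control rule described above (one employee originates a payment file, a different employee approves and releases it from a different workstation), modelled as an added example; this is not Chelsea Savings Bank's code, and the employee and workstation names are constructed placeholders.

```python
"""Dual-control payment release model (added example, not the bank's code).

Enforces the rule that origination and authorization are assigned to
different employees on different computers, so that a single stolen login
or a single infected workstation cannot both create and release a payment.
Names and amounts used here are constructed placeholders.
"""
from dataclasses import dataclass
from typing import Optional


class DualControlViolation(Exception):
    """Raised when origination and authorization are not properly separated."""


@dataclass
class PaymentFile:
    file_id: str
    amount: float
    originator: str                     # employee who created the file
    origin_host: str                    # workstation the file was created on
    approver: Optional[str] = None
    approval_host: Optional[str] = None
    released: bool = False


def approve_and_release(pf: PaymentFile, approver: str, approval_host: str) -> PaymentFile:
    """Apply the dual-control checks, then mark the file as released."""
    if pf.released:
        raise DualControlViolation(f"{pf.file_id}: already released")
    if approver == pf.originator:
        raise DualControlViolation(f"{pf.file_id}: originator cannot approve own file")
    if approval_host == pf.origin_host:
        raise DualControlViolation(f"{pf.file_id}: approval must come from a different workstation")
    pf.approver, pf.approval_host, pf.released = approver, approval_host, True
    return pf


def release_status(attempts):
    """Run a batch of (file, approver, host) attempts; return {file_id: outcome}."""
    results = {}
    for pf, approver, host in attempts:
        try:
            approve_and_release(pf, approver, host)
            results[pf.file_id] = "released"
        except DualControlViolation as exc:
            results[pf.file_id] = f"rejected: {exc}"
    return results
```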
Reporting Suspicious Activity
Monitor for and report suspicious activity. Ongoing monitoring and timely reporting of suspicious activity are crucial in deterring or recovering from these frauds. A business should report anything unusual to the financial institution, such as log-ins at unusual times of day, new user accounts, unauthorized transfers, etc., so the financial institution can immediately block the account and monitor activity.
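To show what "monitor for suspicious activity" can look like in practice, here is an added example (not the bank's code) that runs simple detection logic over constructed online-banking audit lines and flags the indicators named above: log-ins at unusual times of day (and from an address not seen before for that user), new user accounts, and transfers that were not approved or exceed a limit. The log format, user names, business hours and transfer limit are all assumptions.

```python
"""Detection over constructed online-banking audit lines (added example,
not the bank's code).  Flags the indicators listed above: log-ins at unusual
times of day or from a new address, new user accounts, and transfers that
were not approved or exceed a limit.  Log format, names and thresholds are
constructed assumptions."""
from datetime import datetime

BUSINESS_HOURS = range(7, 19)   # 07:00-18:59 local time; assumed policy
TRANSFER_LIMIT = 10_000.00      # assumed review threshold in dollars

SAMPLE_LOG = """\
2024-03-04T09:12:00 user=alice event=login ip=10.1.1.5
2024-03-04T02:41:00 user=alice event=login ip=198.51.100.23
2024-03-04T02:43:00 user=alice event=user_created target=svc_backup
2024-03-04T02:45:00 user=alice event=transfer amount=24000.00 approved=no
2024-03-04T10:30:00 user=bob event=transfer amount=500.00 approved=yes
"""


def parse_line(line):
    """Turn 'ISO-timestamp key=value ...' into a dict with a datetime 'ts'."""
    ts, *kvs = line.split()
    rec = dict(kv.split("=", 1) for kv in kvs)
    rec["ts"] = datetime.fromisoformat(ts)
    return rec


def find_alerts(log_text):
    """Return (timestamp, user, reason) tuples for events to report to the bank."""
    alerts, seen_ips = [], {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        r = parse_line(line)
        who, when = r["user"], r["ts"]
        if r["event"] == "login":
            if when.hour not in BUSINESS_HOURS:
                alerts.append((when, who, "login outside business hours"))
            known = seen_ips.setdefault(who, set())   # addresses seen so far
            if known and r["ip"] not in known:
                alerts.append((when, who, f"login from new address {r['ip']}"))
            known.add(r["ip"])
        elif r["event"] == "user_created":
            alerts.append((when, who, f"new user account {r['target']} created"))
        elif r["event"] == "transfer":
            amount = float(r["amount"])
            if r.get("approved") != "yes":
                alerts.append((when, who, f"unapproved transfer of {amount:.2f}"))
            elif amount > TRANSFER_LIMIT:
                alerts.append((when, who, f"transfer of {amount:.2f} over limit"))
    return alerts
```

On the sample lines above, every alert comes from the same account within a few minutes of an off-hours login from a new address, which is exactly the pattern the bank asks to be told about immediately.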
Warning Signs of a Potential Compromise (including but not limited to):
If You Notice Anything Suspicious
Safe Online Banking Tips
As use of the Internet continues to expand, more banks and thrifts are using the Web to offer products and services to enhance communications with consumers.
The Internet offers the potential for safe, convenient new ways to shop for financial services and conduct banking business, any day, any time. However, safe banking online involves making good choices - decisions that will help you avoid costly surprises or scams.
Tips to help you if you are thinking about or already using online banking systems:
Confirm that an Online Bank is Legitimate and that Your Deposits are Insured
Key Information about the bank posted on its Web Site
Verify the bank's insurance status
Protect yourself from fraudulent Web sites
Keep your Transaction Secure
Passwords or personal identification numbers (PINs) should be used when accessing an account online. Your password should be unique to you and you should change it regularly. Do not use birthdates or other numbers or words that may be easy for others to guess. Always carefully control who you give your password to. If you use a financial company that requires your passwords in order to gather your financial data, make sure you learn about the company's privacy and security practices.
General security over your personal computer, such as virus protection and physical access controls, should be used and updated regularly. Contact your hardware and software suppliers or Internet service provider to ensure you have the latest security updates.
Before you order a product or service online, make sure you are comfortable with the reputation of the company making the offer. Only then should you give out your credit card or debit card number. Never give these numbers unless you initiated the transaction.
Due to Microsoft's termination of support for systems that do not support TLS 1.2, we advise you to upgrade your operating system or browser to help ensure that you do not experience unnecessary service interruptions. If you are unable to connect using TLS 1.2 you may receive a connection error; please upgrade to a supported version so that you can connect using TLS 1.2. Contact the bank if you need assistance.
NOTICE OF EXPIRATION OF THE TEMPORARY FULL FDIC INSURANCE COVERAGE FOR NONINTEREST-BEARING TRANSACTION ACCOUNTS
By operation of federal law, beginning January 1, 2013, funds deposited in a noninterest-bearing transaction account (including an Interest on Lawyer Trust Account) no longer will receive unlimited deposit insurance coverage by the Federal Deposit Insurance Corporation (FDIC). Beginning January 1, 2013, all of a depositor’s accounts at an insured depository institution, including all noninterest-bearing transaction accounts, will be insured by the FDIC up to the standard maximum deposit insurance amount ($250,000), for each deposit insurance ownership category.