January 15, 2010 1:28
Business Online Banking users: Important information regarding Corporate Account Takeovers, a new cybercrime threat. Please read this letter for ways to protect your business.
Corporate Account Takeovers, a serious cyber crime on the rise. (January 15, 2010)
Recently there have been multiple articles released on Corporate Online Banking and Account Takeovers. Warnings are being issued by the FBI, American Bankers Association and NACHA the Electronic Payments Association.
NACHA has provided the following description of a corporate account takeover.
"Corporate account takeover" is when cyber-thieves gain control of a business' bank account by stealing the business' valid online banking credentials. Although there are several methods being employed to steal credentials, the most prevalent involves malware that infects a business' computer workstations and laptops.
A business can become infected with malware via infected documents attached to an e-mail or a link contained within an e-mail that connects to an infected web site. In addition, malware can be downloaded to users' workstations and laptops by visiting legitimate websites - especially social networking sites - and clicking on the documents, videos or photos posted there. This malware can also spread across a business' internal network. Bank of Ann Arbor aids in the protection of your financial information through online banking by:
- Employment of a multi-factor authentication at initial sign in;
- Offering the ability to initiate payments under dual control; and
- Established maximum limits related to customer-initiated ACH transactions.
The FBI, American Bankers Association and NACHA strongly recommend the following:
- Using a dedicated computer for online banking transactions rather than using the same computer for e-mail and searching the Internet.
- Initiate ACH and wire payments under dual control-one person authorizes the creation of the payment file; a second person authorizes the release of the file.
- Ensure that all anti-virus and security software are robust and up-to-date.
- Monitor bank accounts daily.
- Notifying your bank when an employee separates from your company to ensure online banking access is immediately terminated.
We urge you to consider the recommendations noted as well as review your current online banking practices to ensure you and your staff are making every effort to protect financial information and online banking access.
We value your business and feel protection of client information warrants sharing important information with you.
Please feel free to contact Patti Judson, Senior Vice President, Branch Administration, Operations & Cash Management at (734)327-1125 if you have any questions regarding this information.