Corporate Account Takovers
What is an Account Takover?
A fast growing electronic crime where thieves typically use some form of malware to obtain login credentials to Online Banking accounts and fraudulently transfer funds from the account(s).
Malware: Short for malicious software, is software designed to infiltrate a computer system without the owner's informed consent. Malware includes computer viruses, worms, trojan horses, spyware, dishonest adware, crimeware, most rootkits, and other malicious and unwanted software.
Domestic and International Wire Transfers, Business-to-Business ACH payments, Online Bill Pay and electronic payroll payments have all been used to commit these crimes.
How Does it Work?
Criminals target victims by scams. The victim unknowingly installs software by clicking on a link or visiting an infected Internet site. Fraudsters began monitoring the accounts. The victim logs on to their Online Banking and the Fraudsters collect the login credentials. Fraudsters wait for the right time and then depending on your controls – they login after hours or if you are utilizing a token they wait until you enter your code and then they hijack the session and send you a message that Online Banking is temporarily unavailable.
Where does it come from?
Malicious websites (including Social Networking sites), Email, P2P Downloads (e.g. LimeWire), ads from popular web sites. Some experts feel Email is the biggest security threat of all. It is the fastest, most-effective method of spreading malicious code to the largest number of users.
What can you do to protect yourself?
-
Never click on links or open attachments in emails if you do not trust the source
-
Never download files from unknown sources
-
Never share private, personal information on unsecure websites