Your Security, Business Account Takeover

Posted: Friday, July 6th, 2012 | Posted by: Timothy Rozalski in IT Security

Business Account Takeover is the business equivalent of personal identity theft. Businesses not only need to protect themselves from identity theft but also ensure they have protections in place so that they do not have a business account takeover.

Hackers, backed by professional criminal organizations are targeting small and medium businesses to obtain access to their web banking credentials or remote control of their computers. These hackers will then drain the deposit and credit lines of the compromised bank accounts, funneling the funds through channels that quickly redirect the monies into other accounts not owned by the business.

Avoid Business Account Takeover

A business account takeover is generally initiated by opening email or visiting legitimate websites and clicking on links, documents, videos or photos that unknowingly install malware programs designed to collect sensitive permissions and passwords. Sophisticated versions of malware can even capture token-generated passwords, alter the display of a website to a user, or display a fake website indicating the bank’s website is down.

Once installed, the malware provides information to hackers to impersonate the business in online banking sessions. To the banks, the credentials look just like the legitimate user. The hackers then move funds via wire transfers or ACH (electronic) transactions to other accounts not owned by the business.

Many hackers are currently targeting small and medium size businesses, municipalities, and non-profit organizations that may not have the sophisticated detection software or internal controls of larger businesses. Nevertheless, there are several steps a small business should consider to reduce the likelihood of a business account takeover.

Protect Yourself

  • Use a dedicated computer for financial transactional activity. DO NOT use that computer for general web browsing and email.
  • ┬áNever open attachments or click on links from unsolicited emails.
  • Apply operation system and application updates (patches) regularly.
  • Use the latest versions of Internet browsers, such as Internet Explorer, Firefox or Google Chrome with “pop-up” blockers and ensure that updates (patches) are most recent versions.
  • Use and maintain updated spam filters and anti-virus software.
  • Have host-based firewall software installed on computers.
  • Turn off your computer when not in use.
  • Segregate responsibilities; require one person to enter/perform a transaction and a second person to approve the transaction.
  • Do not approve transactions by batching them together, be sure to review and approve each one individually.
  • Review your banking transactions daily.
  • Use a dedicated bank account for ACH and wire transactions, only funding that account before you initiate transactions.
  • Contact your information technology provider to determine the best way to safeguard the security of your computers and networks.

Potential Signs Your Computer System May Be Compromised

  • Inability to log into online banking.
  • Dramatic loss of computer speed.
  • Changes in the way things appear on the screen.
  • Computer locks up so the user is unable to perform any functions.
  • Unexpected rebooting or restarting of the computer.
  • Unexpected request for a one time password (or token) in the middle of an online session.
  • Unusual pop-up messages, especially a message in the middle of a session that says the connection to the bank system is not working.
  • New or unexpected toolbars and/or icons.
  • Inability to shut down or restart the computer.

You can follow any responses to this entry through the RSS 2.0 Both comments and pings are currently closed.

{"result":"error", "message":"You can't access this resource as it requires an 'view' access for the website id = 1."}