Corporate account takeover is a type of fraud where thieves gain access to a business' finances to make unauthorized transactions, including transferring funds from the company, creating and adding new fake employees to payroll and stealing sensitive customer information that may not be recoverable.
Cyber thieves target employees through phishing, phone calls and even social networks. It's common for thieves to send emails posing as a bank, delivery company, court or the Better Business Bureau. Once the email is opened, malware is loaded on the computer, which then records login credentials and passcodes and reports them back to the criminals.
Corporate account takeover is a growing threat for small businesses. It is important that businesses understand and prepare for this risk.
How do I protect myself and my small business?
You and your employees are the first line of defense against corporate account takeover. A strong security program paired with employee education about the warning signs, safe practices and responses to a suspected takeover are essential to protecting your company and customers.
Besides a strong security program and employee education, the best way to protect against corporate account takeover is a strong partnership with your financial institution. Work with your bank to understand security measures needed within the business and to establish safeguards on the accounts that can help the bank identify and prevent unauthorized access to your funds.
Consider these tips to ensure your business is well prepared:
Where should I go for additional information?
Sound Business Practices for Businesses to Mitigate Corporate Account Takeover (NACHA – The Electronic Payments Association)