There are many ways criminals are fraudulently accessing funds of others, and the takeover of an account is one of the largest fraud risks that banks are seeing among business customers. There are two ingredients required: (1) online access from a computer, and (2) an employee not savvy enough to protect your business information.
Account takeover is when criminals gain access to your bank account by stealing the valid online banking credentials of customers. The criminal’s process is:
- Target Employees
- Install Malware
- Get Access to Online Banking
- Collect and Transmit Data
- Initiate Funds Transfers
So what can you do to protect yourself?
- Limit access to online banking credentials to only those who absolutely need to know them. Set up “read only access” for those who review information but don’t need to create any transactions.
- Make sure employees know not to click any links in e-mails. These e-mails can look like they are from government agencies, banks, shipping companies, PayPal, etc.
- If they are not sure if the e-mail is valid, log in directly to the vendor website the information appears to be from to verify if there is truly an issue to be handled.
- Have a good virus software that scans for malware daily (this won’t prevent a takeover if they immediately use the information they get to access your account, however)
If you do find your account has been taken over contact your bank immediately and change all login information.
Be aware of scams to get your banking information, and make sure your staff understands all the ways fraudsters try to gain access to your account. Knowledge is the key to protecting yourself.