FDIC – Identity Theft & Fraud – Learn how to protect yourself
FDIC – Safe Internet Banking – Tips for safe banking over the internet
OnGuardOnline.gov – Government resources for online safety
FFIEC Online Banking Authentication .pdf (118 KB) – Information from the FFIEC about authentication methods for Online Banking
To view some of these resources, you will need to download Adobe’s Acrobat Reader (free)
This section is for information purposes only and is not intended to provide legal advice. The guidance included is not an exhaustive list of actions. Be aware that security threats change constantly. Click on a topic below for more details.
“Corporate account takeover” is when cyber-thieves gain control of a business’ bank account by stealing the business’ valid online banking credentials. Although there are several methods being employed to steal credentials, the most prevalent involves malware that infects a business’ computer workstations and laptops.
A business can become infected with malware via infected documents attached to an e-mail or a link contained within an e-mail that connects to an infected web site. In addition, malware can be downloaded to users’ workstations and laptops by visiting legitimate websites – especially social networking sites – and clicking on the documents, videos or photos posted there. This malware can also spread across a business’ internal network.
The malware installs key logging software on the computer, which allows the perpetrator to capture a user’s credentials as they are entered at the financial institution’s web site. Sophisticated versions of this malware can even capture token-generated passwords, alter the display of the financial institution’s web site to the user, and/’or display a fake web page indicating that the financial institution’s web site is down. In this last case, the perpetrator can access the business’ account online without the possibility that the real user will log in to the web site.
Once installed, the malware provides the information that enables the cyber-thieves to impersonate the business in online banking sessions. To the financial institution, the credentials look just like the legitimate user. The perpetrator has access to and can review the account details of the business, including account activity and patterns, and ACH and wire transfer origination parameters (such as file size and frequency limits, and Standard Entry Class (SEC) Codes).
The cyber-thieves use the sessions to initiate funds transfers, by ACH or wire transfer, to the bank accounts of associates within the U.S. These accounts may be newly opened by accomplices or unwitting “money mules” for the express purpose of receiving and laundering these funds. The accomplices or mules withdraw the entire balances shortly after receiving the money, and then send the funds overseas via over-the-counter wire transfer or other common money transfer services.
The cyber-thieves appear to be targeting small – to medium-sized businesses, as well as smaller government agencies and nonprofits, for several reasons:
The Fair Credit Reporting Act (FCRA) requires each of the nationwide credit reporting companies – Equifax, Experian, and TransUnion – to provide you with a free copy of your credit report, at your request, once every 12 months. The FCRA promotes the accuracy and privacy of information in the files of the nation’s credit reporting companies. The Federal Trade Commission (FTC), the nation’s consumer protection agency, enforces the FCRA with respect to credit reporting companies.
For more information, visit the Federal Trade Commission’s website.