Cybercriminals are increasingly targeting small businesses to transfer funds from accounts and steal private information, a fraud referred to as CATO or “corporate account takeover”. Criminals use spoofed emails, malicious software and online social networks to obtain login credentials to business accounts in order to make illicit transactions. Bank of Gravett provides Multi-Factor Authentication services through our Online Cash Management Service; however, combating account takeover is a shared responsibility between businesses and financial institutions.
Here are a few tips to help prevent account takeover:
Protect your online environment. It is important to protect your cyber environment just as you do your physical location. Do not use unprotected internet connections and keep updated anti-virus and anti-spyware protection on your computers. Change passwords at least every 90 days and use something complex with a combination of numbers, letters and special characters. Use different passwords for different software programs or internet sites.
Payment authentication. Bank of Gravett will not release an online initiated ACH transaction without first verifying with an authorized employee at your business. In addition, talk to us about multi-person approval processes, batch limits and other tools that help protect you from unauthorized transactions.
Pay attention to suspicious activity and react quickly. Educate your employees. Watch out for strange network activity, do not open suspicious emails and never share account information. If you suspect a problem, disconnect the compromised computer from your network and contact the Bank.
Perform periodic in-house risk assessments that include system audits and building security.
Understand your responsibilities and liabilities. It is critical that you understand and implement the security safeguards for your business. If you don’t, you could be liable for losses resulting from account takeover. Please contact Bank of Gravett if you have any questions about your responsibilities.