NACHA’s ACH Operations Bulletin provides information on “corporate account takeover” – a type of cyber-crime targeting small and medium-sized business customers of financial institutions. Corporate account takeover allows cyber-criminals to gain control of a business’ bank account by stealing the business’ online banking credentials, most often by infecting business computer workstations and laptops with malware. Such malware infiltrates businesses via infected documents attached to an email, infected web sites embedded in an email as a link, or by users clicking on infected documents, videos, or photos on legitimate social networking websites. Once installed, malware provides the information that enables the cyber-thieves to impersonate the business in online banking transactions.
This bulletin also outlines the reasons smaller businesses and organizations are targeted, what a financial institution can do to protect itself and its customers, what to do if your financial institution’s customer is victimized, and how to spot a money mule. This document is intelligence vital to your business and your customers’ best interests. I highly recommend that you read the full document and take steps to ensure your business is protected from these threats. As always, feel free to contact me with questions and concerns.
Read the full Bulletin here: Corporate Account Takeovers Can Lead to Fraudulent Transactions