Corporate Account Takeovers on the Rise
During the first quarter of this year, we have seen an increase in corporate account takeover attempts and cybercrime activity. An example of a corporate account takeover is where a hacker gains access to the customer’s computer system and starts making transactions. Sometimes the business is unaware of the activity taking place and that they lack adequate security to prevent the ease of this type of crime on their network.
This is a trend that industry experts predict to stay on the rise.
The individuals behind this type of crime are very smart, and employ some very sophisticated methods. While the end goal is to steal money from unknowing persons, many different means are used to achieve that goal. Some examples include: Suspicious email messages, fraudulent websites, specially crafted viruses, and software that appears to be free and makes people want to download it. Unlike a typical bank robber in the traditional sense, the people that commit these crimes are very well-studied, they have an exact plan, and they are good at covering their tracks. You can bet that part of the planning process includes studying which customers would give them the greatest benefit from their efforts and this is typically the small and medium-sized business that has some general security flaws in their computer systems.
The Bank of Missouri uses multiple layers of security to make this type of crime much harder for these individuals. These include: Requiring our customers to regularly change their password, the use of RSA (security tokens), monitoring of abnormal activity for each user and the use of security questions. However, continued education of our staff and customers is also a key component of our strategy. In most all cases when this crime happens, there was something out of the norm about the user experience that should have triggered suspicion to the user at the customer’s computer. No one single thing can prevent all the possibilities. Multiple approaches makes this crime more difficult for the would-be hacker.
Here are a few things that you can watch for and do to better protect yourself:
- These viruses are designed to look very much like the normal banking website, however it isn’t. Signs to watch for include:
-Users who are experiencing difficulty logging in or logging out for no reason – particularly RSA token users.
-Some businesses have reported being prompted to enter a “wire pin” or the system being very slow or showing a message that it “is performing maintenance” after they have logged in. This is not normal behavior for our Online Banking system.
- Remember, we would NEVER ask for confidential information via this means. So please do not input this information if it is requested.
- If you see any sort of strange or unusual behavior during an Online Banking session, immediately log off and turn your computer off. Seek advice from a trusted computer professional and monitor your bank account for unusual activity.
- Consider using a personal firewall and/or content filtering application on your computer(s).
- An additional tool that we have to use is trusted IPs or “Internet address”. The Bank of Missouri has the ability to restrict what IP address the Online Banking ID uses. This is one way to prevent your Online Banking account from being accessed from other computers on the Internet.
- Report any suspicious activity to The Bank of Missouri immediately.
- Monitor your accounts regularly for unauthorized activity.