Cybersecurity Threats on the Rise: Corporate Account Takeover and Wire Fraud

 

At Riverland, we are always prepared to respond to cybersecurity threats. Corporate account takeover and wire fraud are a few types of cybersecurity breaches that are on the rise in the banking industry, and we want our customers to be aware of them. Here is an overview of what these breaches may look like, helpful tips to ensure your protection as a banking customer, and features Riverland has in place to help customers prevent and respond to potential attacks.

Corporate Account Takeover

In a corporate account takeover situation, a hacker performs business identity theft by gaining control of a business bank account through stealing employee passwords and other credentials. They then proceed to steal funds by initiating fraudulent ACH or wire transactions to accounts controlled by thieves. They also use their new access to uncover sensitive customer information in order to perpetrate further attacks.

Hackers may obtain account credentials in various ways, including sending a phishing email – an email that appears to be from a legitimate company or sender, but is really from the thieves. The email usually includes a link for the recipient to click on and asks that you enter sensitive information, like passwords or security questions. Other methods for thieves to obtain banking credentials include manipulating individuals using targeted messaging or through website breaches.

Wire Fraud

Wire fraud happens when a hacker obtains access to an email account and imitates the owner’s identity, in order to defraud the company or individual. Often, the thieves will create an account with an email address almost identical to the original email address and then use it to send a fake request instructing other individuals within the company to wire funds immediately using payment instructions they provide. Fraudsters are attracted to wires due to the speed of payment. They are nearly impossible to recover, due to immediate settlement and availability.

Wire fraud can occur when a hacker tries to contact the bank account owner through any electronic communication channel, which can include email, phone calls, texts, or social media messages, and uses these tactics to solicit money from the account. These scams can sometimes appear very convincing, so take note of the following steps that anyone can take in order to protect themselves against fraud.

What should I do to avoid becoming a victim?

• Set up online and mobile banking to closely monitor your account(s).
• Set up email or text alerts.
• Train everyone in your company on how to identify potential phishing attacks.
• Set up a multi-factor identification measure, such as our Touch ID login feature or Token Authentication.
• Be wary of any text or email prompting you to click a link or update your personal information. Make sure you can verify the individual sender by looking up their information and contacting them before taking any action.
• Frequently monitor your account activity to ensure it matches up with the transactions you’ve recorded.
• If you’ve received a suspicious email, call the person who sent it to verify their request.
• Closely examine the address you receive any suspicious emails from. Often, a fraudulent email address will look almost identical to a real one you are familiar with, aside from just one or two characters.
• Talk to us. Our banking experts will be happy to offer personal advice on how to be proactive about keeping your account secure or how to respond to an active fraud situation.

What is Riverland doing to keep my accounts safe?

Riverland has several recommended tools to combat potential account takeover and wire fraud attacks.

Positive Pay and ACH Filter

Positive Pay is a fraud-prevention system for our business banking customers in which we review each check posting to the account to verify accuracy of the account number, check number, and amount before paying the item. If anything looks suspicious, we contact the account owner directly to verify or deny the transaction. This prevents any fraudulent checks from being honored. Our ACH Filter service prevents unauthorized withdrawals by stopping any ACH debits from posting to your account unless you’ve pre-authorized them.

Token Authentication

We offer Token Authentication for all of our online banking users in order to ensure a secure login process.

Callbacks

Though wire transferring can be the quickest way to send money, it is also a frequent target of fraud. We provide a callback service for all wire transfers to ensure the request is legitimate and authorized.

Learn more about safety and security with these tips »