Skip to main content

Protecting Your Business


Protecting Your Business from Account Takeover

When it comes to your business accounts, Corporate Account Takeover is a very real threat. Corporate Account Takeover is a form of business identity theft where cyber thieves gain control of a business’ bank account by stealing employee passwords and other valid credentials. Thieves can then initiate fraudulent wire and ACH transactions to accounts controlled by the thieves.

How thieves gain access to your accounts.

Although there are several methods being employed to steal credentials, the most prevalent involves malware that infects a business’ computer workstations and laptops.A business can become infected with malware via infected documents attached to an e-mail or a link contained within an e-mail that connects to an infected web site. In addition, malware can be downloaded to users’ workstations and laptops by visiting legitimate websites – especially social networking sites – and clicking on the documents, videos or photos posted there. This malware can also spread across a business’ internal network.

Prevention, detection and reporting recommendations for business customers account control

Recommended computer security tools and practices

Recommendations for corporate account takeover victims

Immediately cease all activity from computer systems that may be compromised.

Disconnect the Ethernet, wireless or other network connections to isolate the system from remote access.

Immediately contact your financial institution and request assistance with the following actions:

Contact your insurance agent to discuss any guidance they may provide and if required to report the event.

Maintain a written chronology of what happened, what was lost and the steps taken to report the incident to the various agencies, banks and firms impacted. Be sure to record the date, time, contact telephone number, person spoken to, and any relevant report or reference number and instructions.

File a police report and provide the facts and circumstances surrounding the loss. Obtain a police report number with the date, time, department, location and officer’s name taking the report or involved in the subsequent investigation. Having a police report on file will often facilitate dealing with insurance companies, banks, and other establishments that may be the recipient of fraudulent activity. The police report may initiate a law enforcement investigation into the loss with the goal of identifying, arresting and prosecuting the offender and possibly recovering losses.

This is for information purposes and is not intended to provide legal advice. The guidance included is not an exhaustive list of actions and security threats change constantly. 

Additional information security and risk assessment resources for business customers:

Federal Trade Commission Data Security:

NACHA Current Fraud Threats Resource Center: