Corporate Account Takeover

Protecting Your Accounts from Fraud 

What is Corporate Account Takeover? 
Corporate Account Takeover, account hijacking and keylogging are all terms used when an account is subjected to online fraud. The victims are mostly small to midsize organizations using online accounts at local community banks and credit unions. 

How does it occur? 
Criminals use various methods to steal online banking credentials in order to steal funds from accounts, access employee records and other confidential information. Access can be gained through unsecure Internet connections not utilizing sufficient firewalls and security features, or by infecting computers with malware or malicious software that can track keystrokes to capture user name, passwords, and other security information when the company employee accesses their online banking network.

Criminals often use e‐mail to gain access to a company’s system.  Malware, or links to malware are often included in face invoice e‐mails, or e‐mails that claim to be from a bank or other legitimate business. The user is instructed to click on a link or open an attachment. The link will take the user to a counterfeit website where the user’s machine is infected. The attachment will infect the user’s machine once the file is opened. 


What should be done if we have been compromised? 
Call your financial institution immediately so they can prevent unauthorized files and block the account. 
Employ a knowledgeable IT professional to identify and remove any infections. 


What can be done to prevent account takeover? 

  • Use stand along computers for online banking services, ACH origination and wire transfers. Never allow employees to use this computer for Internet searches or e-mail. 
  • Implement dual control on all online payment services. A second person should be used to authorize any financial transfer (ACH, inter‐bank, wire transfer). 
  • Increase security for online banking services, login, PIN/password combinations are not sufficient to mitigate account takeover. 
  • Educate employees to never give out online banking credentials or open e‐mail links or attachments. A security policy should be adopted and all employees should be trained and held accountable for any breach of policy. 
  • Update anti-virus software and utilize it routinely. Verify the software contains both antivirus and antispyware capabilities, and test firewalls regularly.  
  • Restrict network administrator privileges to supervisor/manager employees only. The employees that utilize the network on a daily basis should never have full administration rights. If an employee’s credentials are compromised the criminal would also have full admin capabilities. 
  • Reconcile accounts daily to protect accounts from unauthorized activity. 
  • Implement positive acknowledgement for ACH files and wire transfers. An e-mail or phone call to your financial institution will help mitigate unauthorized funds transfers. 


By Cynthia J. Thompson, AAP, CTP
Director Professional Services  at The Payments Authority