• Latest

What Is Corporate Account Takeover and How to Prevent It

June 25, 2020
Moving identity authentication earlier in customer flow is top of mind at MRC Vegas 2023:

Moving identity authentication earlier in customer flow is top of mind at MRC Vegas 2023:

March 28, 2023
How to Strengthen Your Small Business’s Defenses Against Identity Theft

How to Strengthen Your Small Business’s Defenses Against Identity Theft

March 23, 2023
How Companies Can Avoid Zero-Party Data Fraud

How Companies Can Avoid Zero-Party Data Fraud

March 13, 2023
New Podcast Episode: Walls of Thieving Cellphones with Nethone

New Podcast: How to Stop Return Policy Abuse Fraud (Pt. 2)

February 22, 2023
Germany’s Fraud Prevention Firm Hawk AI to Focus on Global Expansion with $17M Series B

Germany’s Fraud Prevention Firm Hawk AI to Focus on Global Expansion with $17M Series B

February 15, 2023
Merchant Fraud Journal Releases Biggest Annual Fraud Trends Report Yet with Insights from 16 Leading Payment and Fraud Solutions

Merchant Fraud Journal Releases Biggest Annual Fraud Trends Report Yet with Insights from 16 Leading Payment and Fraud Solutions

February 7, 2023
Curbing emerging fraud types with network intelligence and data enrichment

Curbing emerging fraud types with network intelligence and data enrichment

January 31, 2023
Policy Abuse Fraud: What Is It and How to Protect Against It

nSure.ai Delivers Growth to Digital Commerce Leaders and Boosts YoY Revenue by 280%

January 25, 2023
Fraugster and Refurbed partner to increase approval rates and reduce fraud for refurbished electronics marketplace

Sift Appoints Former Ping Identity COO Kris Nagel as CEO

January 20, 2023
Veridos Announces Innovatrics as Strategic Partner for Advanced DNA ID Verification

Veridos Announces Innovatrics as Strategic Partner for Advanced DNA ID Verification

January 19, 2023
New Podcast Episode: Walls of Thieving Cellphones with Nethone

New Podcast: How to Stop Return Policy Abuse Fraud

January 10, 2023
How to Write a Strong Chargeback Policy: Tips to Help You Protect Your Business

How to Write a Strong Chargeback Policy: Tips to Help You Protect Your Business

January 6, 2023
  • Contribute
  • Contact Us
  • About
  • Join Us
  • Advertise
Wednesday, March 29, 2023
Merchant Fraud Journal
  • Home
  • Articles
    • Chargebacks
    • Fraud Prevention
    • Influencer Insights
  • Resources
    • Recorded Webinars
    • Podcasts
    • Vendor Directory
    • eCommerce Fraud Reports
    • Training and Certifications
    • Jobs Board
    • Associations and Non-Profits
  • News
No Result
View All Result
  • Home
  • Articles
    • Chargebacks
    • Fraud Prevention
    • Influencer Insights
  • Resources
    • Recorded Webinars
    • Podcasts
    • Vendor Directory
    • eCommerce Fraud Reports
    • Training and Certifications
    • Jobs Board
    • Associations and Non-Profits
  • News
No Result
View All Result
Merchant Fraud Journal
No Result
View All Result

What Is Corporate Account Takeover and How to Prevent It

by Bradley
June 25, 2020
in Articles, Fraud Prevention

TheDigitalArtist / Pixabay

Corporate account takeover is an umbrella term used to describe a variety of attacks against corporate bank accounts and cash flows. Although these attacks take many forms, all of them involve theft of the business’s identity in order to make fraudulent transactions. Successful corporate account takeover attacks divert company funds into bank accounts controlled by criminals.

The most common types of corporate account takeover fraud are:

  • Phishing and spear-phishing attacks (malware) that place software on corporate systems to steal account login information
  • Business email compromise (BEC) attacks that take control of corporate email accounts and use them to instruct employees to divert funds to accounts controlled by the hacker
  • Social engineering attacks that psychologically manipulate employees into performing actions that bypass corporate security procedures and systems
  • Man-in-the-middle attacks that intercept communications between systems allowing hackers to learn secure account information
  • Key logger attacks that send users to websites that look legitimate but in reality record a user’s keystrokes when they enter their login credentials

Companies looking to learn more about what account takeover is and how to prevent it generally can read our comprehensive post on the subject.

In this article, we discuss the following topics:

  1. Corporate Account Takeover Risk Assessment
  2. Corporate Account Takeover Training
  3. Corporate Account Takeover Incident Response Plan

Corporate Account Takeover Risk Assessment

How to perform a corporate account takeover risk assessment properly is dependent on your organization. Companies should conduct regular assessments of their ability to stop corporate account takeover attacks. In general, conducting once assessment a year is considered the bare minimum. Some of the essential factors to evaluate when conducting a risk assessment are:

  • Review of the known and emerging account takeover strategies and tactics used by hackers
  • Assess anomaly detection alerts for “automated pass-through” payments
  • Evaluate any new products and/or services offered. New functionality should be double checked to ensure no vulnerabilities exist
  • Conduct an accounting of all known attacks, attempted or successful, in the industry and against the company specifically. The goal is to identify weaknesses, transport successful defensive tactics and strategies, and evaluate readiness for future attacks
  • Analyze processes for high-risk actives such as ACH and wire transfers
  • Check for layered security and enhanced controls on all user accounts. Ensure proper access levels for administrative accounts
  • Update awareness and education programs for risk management for both customer-facing and internal account holders
  • Look at IT procedures and ensure that employees across the company are aware of the technical aspects of how to prevent account takeover
  • Reevaluate insurance procedures against theft, and ensure the internal understanding of any policy matches up with the insurance carrier’s

Corporate Account Takeover Training

Businesses should provide corporate account takeover training to teach employees and management how to safely use email and internet, manage corporate user accounts, protect computer backend systems, and create secure decision making processes.

Safely use email and internet

Hackers consider employees a soft target as an entry point for account takeovers and businesses must educate their staff to understand those risks and incentivise them to do everything possible to mitigate them.

First, businesses must establish known processes for funds transfers, and coach employees to be wary of any requests they get to transfer funds, provide account credentials, or pay invoices via phone or email. Hackers will send convincing messages to employees known to have access to sensitive accounts claiming an urgent need for action. In all cases, these communications will seem to come from a legitimate actor in the corporate hierarchy. The hackers rely on the emotional response employees have to an urgent or angry request from management to put them into a mindset where they do not act rationally and do not verify that the request is legitimate.

Second, businesses should not allow employees to access social media accounts from work computers. Brand takeovers—where hackers setup a fake social media account designed to trick people into believing they are interacting with a company they trust—are a common account takeover tactic. Often, these fraudulent accounts will offer fake promotional links that infect computers when clicked.

Third, businesses must continually reinforce the known best practice of never clicking on a file or link unless they are absolutely certain of who the sender is. Today’s phishing attacks are extremely sophisticated, and often require vigilance to be detected. Although there are many corporate phishing attack solutions available, the best line of defense is still employee awareness and good judgment.

Manage corporate user accounts

A company’s corporate user accounts should not grant employees more permissions than they need to accomplish their jobs. This will minimize the damage if there is a successful attack. Similarly, account permissions should not allow the legitimate account holder to download any software to their machine. Employees should never have administrative access to their own computers.

In the case of an employee leaving the company, their user account should be made inactive as soon as they move on. In the case of an employee being let go, their account should be disabled even before they become aware of the move, if possible.

Protect computer back-end systems

Corporate computer systems must be secure. This means installing and updating anti-virus programs that protect against all known malware attacks. Similarly, companies must continue to patch their systems against known vulnerabilities, as well as stay up to date on new attack vectors that might not be included in previous updates.

Corporate leadership must also foster a security culture that includes IT stakeholders. IT should dedicate resources and staff to continually monitoring and updating systems. That also means having controls in place that will automatically notify relevant stakeholders of the red flags of a corporate account takeover attack which include administrative changes, unusual user account activity, and large or otherwise unique cash transfers.

Corporate Account Takeover Incident Response Plan

A corporate account takeover incident response plan must address mitigating the damage of an attack as much as possible, document the incident details, and create an understanding of the attack that can be used to improve defences in the future.

Mitigate damage

Designate a single source of truth to lead the organisational response. Often, this is a committee of people with a single person as the go-between for executives, management, and employees.

The most critical factor in the incident response plan is that it allow the committee to convince and take quick action whenever possible. Lines of communication must be open, with designated employees given specific responsibilities and actionable tasks such as resetting login credentials, notifying receiving banks of the funds transfer (if possible), performing computer forensics, and updating hardware and software to fix any vulnerabilities.

For enterprise company account takeovers, it’s also a good idea to have a dedicated spokesperson in the event of a high-profile or high-value attack. Even if just a single supplier is impacted, compromised data shakes confidence at all levels, so it is important to be as open and clear as possible with both customers and corporate partners.

Document incident details

Generate and gather records of every relevant aspect of the attack. Internally, document what the vulnerability was that allowed for a successful attack, record the damage it caused, and document the steps taken to prosecute it to completion. Externally, take documentation about the transfer to corporate partners and try to have as many transactions halted or reversed as necessary and feasible.

Companies should also contact law enforcement agencies and inform them of the attack.

Improve defenses for the future

After dealing with the attack, companies should use the documentation generated while identifying the attack to comprehensively review what went wrong. After that, the most important thing is to limit the amount of exposure to risky activity that is undertaken until a comprehensive understanding can be arrived at and translated into concrete changes that eliminate vulnerabilities.

Once a new plan is agreed to, document the changes in a way that can be used both as institutional memory as well as for benchmarking future results. Once a vulnerability patch is documented, it should become part of a cannon of internal corporate literature that is constantly reviewed when making adjustment as part of regular security system evaluations.


Further reading about corporate account takeover fraud:

https://www.aba.com/advocacy/community-programs/consumer-resources/protect-your-money/protecting-small-biz-accounts

https://www.techrepublic.com/article/how-to-prevent-a-corporate-account-takeover/

Tags: corporate account takeover
ShareTweetShareSend
Previous Post

COVID-19 Costs UK Merchants £16m

Next Post

Trustonic and Samsung Form Mobile Security Partnership

Next Post
Trustonic and Samsung Form Mobile Security Partnership

Trustonic and Samsung Form Mobile Security Partnership

Our Latest Reports

2022 Chargeback Consumer Survey Report

Fraud Prevention Tactics that Enable Exceptional Customer Experience

Addressing Payment Fraud and The Customer Experience in 2022

2022 Fraud Trends Report

ATO Fraud In Retail Report

2022 Customer Experience Report

3 Ways a Unified Chargeback Management and Fraud Platform Increases Revenue

Digital Trust And Safety Report: Combating the Evolving Complexities of Payment Fraud

On-Demand Webinars

Balancing Customer Experience and Fraud Prevention: What’s the Secret?

Stopping Fraud Across the Customer Lifecycle

Addressing Payment Fraud and the Customer Experience in 2022

 

Get the 2023 Fraud Trends Report

Search Our Site

No Result
View All Result

Our Sponsors

Featured Directory Listings

  • logo
    NoFraud
  • SEON. Fraud Fighters
  • sift logo
    Sift
  • Signifyd
  • Ekata
  • Microsoft Dynamics 365 Fraud Protection
  • PayRetailers
  • Spotrisk

Our Sponsors

Fraud Industry News

Moving identity authentication earlier in customer flow is top of mind at MRC Vegas 2023:

Moving identity authentication earlier in customer flow is top of mind at MRC Vegas 2023:

March 28, 2023
How to Strengthen Your Small Business’s Defenses Against Identity Theft

How to Strengthen Your Small Business’s Defenses Against Identity Theft

March 23, 2023
How Companies Can Avoid Zero-Party Data Fraud

How Companies Can Avoid Zero-Party Data Fraud

March 13, 2023

Connect With Us

Quick Navigation

  • Home
  • News
  • Join Us
  • About Us
  • Contact Us
  • Advertise
  • Contribute
  • Privacy Policy

The Payments Media Network

Merchant Fraud Journal
Payments Review

Privacy Policy

Our Privacy Policy
Our Terms of Use

Resources

  • Articles
  • eCommerce Fraud Reports
  • eCommerce Fraud Webinars
  • Training and Certifications
  • Jobs Board
  • Associations and Non-Profits
  • Podcasts
  • Vendor Directory

Popular Posts

  • How to File a Claim With FedEx + What To Do If Claim is Denied

    How to File a Claim With FedEx + What To Do If Claim is Denied

    0 shares
    Share 0 Tweet 0
  • How Does Two-Factor Authentication (2FA) Work?

    0 shares
    Share 0 Tweet 0
  • Top eCommerce Fraud Prevention Companies

    0 shares
    Share 0 Tweet 0
  • The Best Reverse Email Lookup Tools in 2022 (with pricing)

    0 shares
    Share 0 Tweet 0

Featured Vendors

  • NoFraud
  • SEON. Fraud Fighters
  • Sift
  • Signifyd
  • Ekata
  • Microsoft Dynamics 365 Fraud Protection
  • PayRetailers
  • Spotrisk

Download the 2023 Fraud Trends Report

No Result
View All Result
  • About Merchant Fraud Journal
    • Interested in Contributing or Guest Posting to Merchant Fraud Journal?
  • Advertise on Merchant Fraud Journal
  • Articles
    • Chargebacks
    • Fraud Prevention
    • Influencer Insights
  • Contact Us
  • Download Addressing Payment Fraud and Customer Experience Report
  • Download Chargebacks Consumer Survey Report 2022
  • Download Evolving Complexities of Payment Fraud Report
  • Download Fraud Prevention Tactics that Enable Exceptional Customer Experiences Report
  • Download Merchant Fraud Journal 2023 Fraud Trends Report
  • Download the 2020 Chargeback and Representment Report
  • Download the 2020 Merchant Fraud Journal Vendor Guide
  • Download the 2021 Fraud Trends Report
  • Download the 2022 Fraud Trends Report
  • Download the 3 Ways a Unified Chargeback Management and Fraud Platform Increases Revenue Report
  • Download the MFJ 2022 Customer Experience Report
  • Download the MFJ ATO in Retail Report
  • Home
  • Job Dashboard
  • Join The Merchant Fraud Journal Community
  • Merchant Fraud Journal Advertising Agreement
  • MFJ Fraud Trends Report Giveaway
  • News
  • Post a Job
  • Privacy Policy
  • Resources
    • 2020 Chargeback Representment Guide for Merchants
    • 2020 Vendor Guide
    • 3 Ways a Unified Chargeback Management and Fraud Platform Increases Revenue
    • Addressing Payment Fraud and the Customer Experience in 2022
    • Associations and Non-Profits
    • ATO Fraud In Retail Report
    • Balancing Customer Experience and Fraud Prevention: What’s the Secret?
    • Chargebacks Consumer Survey Report 2022
    • Digital Trust & Safety: Combating the Evolving Complexities of Payment Fraud
    • eCommerce Fraud Reports
    • eCommerce Fraud Webinars
    • Fraud Prevention Tactics that Enable Exceptional Customer Experiences
    • Fraud Prevention Training and Certifications
    • How to Build a Recession Proof Chargeback Prevention Strategy
    • How to Stop Fraud During the 2022 Holiday Season
    • Jobs Board
    • Merchant Fraud Journal 2023 Fraud Trends Report
    • Merchant Fraud Journal’s Fraud Trends 2020 Report
    • Merchant Fraud Journal’s Fraud Trends 2021 Report
    • Merchant Fraud Journal’s Fraud Trends 2022 Report
    • MFJ’s 2022 Customer Experience Report
    • Podcasts
    • Prevent High-Velocity Fraud Attacks During the 2021 Holiday Season
    • Stopping Fraud Across the Customer Lifecycle
    • Vendor Directory
    • Webinar – Addressing Payment Fraud and the Customer Experience in 2022
    • Webinar – Mitigating Fraud and Risk on the ACH Network
    • Win January Chargeback Disputes
  • Subscribed
  • Terms and Conditions

© 2021 Payments Media Solutions Canada Inc.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?