Farmers State Bank

Combating Corporate Account Takeover

Companies are increasingly at risk of attack online. Farmers State Bank supports our business clients’ efforts to protect themselves from identity theft and financial fraud by implementing protective business practices. Farmers State Bank is committed to safeguarding our Cash Management Online Banking access and our clients’ information.

What is Corporate Account Takeover?

Corporate Account Takeover (CATO) occurs when cyber criminals gain access to your computer systems and steal your business online banking information. They then use this information to hijack your bank accounts and possibly transfer funds to themselves via ACH (Automated Clearing House) and/or Wire transfer.

Protect Yourself and Prevent Business Email Compromise

The Farmers State Bank Cash Management Online Banking platform uses sophisticated security tools to help protect the bank and clients from fraudulent access. Clients can help protect their own systems with these practices:

  • Implement dual control authentication (on any accounts that allow it) for sensitive or high-risk online activities including wire transfers, wire approvals and ACH file approvals
  • Implement a two-step process with customers, vendors and business partners whereby any changes to account information or other payment instructions are confirmed outside of the communication method or channel requesting the change to payment instructions.
  • Establish internal multi-layer review procedures for approving transactions above certain thresholds. These procedures should include dual controls for approval of certain transactions and delegations of authority when one or both of the dual-control approvers are unavailable.
  • Take advantage of SMS activity alerts that can be established with your financial institution(s) and review all bank and payment card statements for unusual activity daily.
  • Periodically review employee access rights to online systems and make sure access levels are appropriate for job responsibilities
  • Raise awareness of how easily scams can occur and provide a written procedure to address situations and training for all employees on best practices to stop scams.
    • Use caution when sharing information online or on social media. By openly sharing things like pet names, schools you attended, links to family members and your birthday, you can give a scammer the information they need to guess your password or answer your security questions.
    • Refrain from posting on social media that you are on vacation. (Save those pictures for when you get back!)
    • Don't click on anything in an unsolicited email or text message asking you to update or verify account information. Look up the company's phone number either from an internal directory or a public directory on your own (don't use the one a potential scammer provides).
    • When communicating sensitive information, first ensure the person you are communicating with is the person you intended to talk to. Then confirm the other person's identity using a passcode, passphrase or other means of authentication.
    • Carefully examine the email address, URL, and spelling used in any correspondence. Scammers use slight differences to trick your eye and gain your trust.
    • Be careful what you download. Never open an email attachment from someone you don't know and be wary of email attachments forwarded to you.
    • Fraudsters can "spoof" phone numbers to trick you, so the caller ID may display a valid name or something that looks like your vendor's name. If you receive a phone call requesting a change in account number or payment procedures, call the requester back on a known phone number.
    • If you are unsure whether a request may be fraudulent, ask your internal resources to help.
    • Implement and train all employees on best practices for email and online activity security.
  • Be especially wary if the requester is pressing you to act quickly. If employees have questions or concerns, provide internal resources, such as legal and compliance contacts.
  • Remove employee access promptly upon termination
  • To prevent unauthorized software from being downloaded, do not allow employees to maintain administrative rights on their work computers
  • Do not store passwords in your browser
  • Do not share user IDs and passwords
  • Install a firewall on your network
  • Install commercial security and anti-virus software programs, update them regularly and frequently run anti-virus and malware scans on your computers
  • Apply operating system and application updates regularly
  • Use the latest version of internet browsers, such as Edge, Firefox, or Chrome and keep patches up to date
  • Activate a "pop-up" blocker on browsers to prevent intrusions
  • Learn to recognize symptoms of computer breaches

Respond to Attack

Here are some action items to take once an attack has occurred:

  • Act Fast to Recover Money
    • If you sent money to a fraudulent account, immediately contact your financial institution and request that they contact the financial institution where the transfer was sent and ask them to reverse the transaction and freeze the fraudulent account.
    • If your customer or trading partner sent money to a fraudulent account instead of paying you, ask them to contact their financial institution immediately to recover fraudulently transferred funds and freeze the fraudulent account.
  • Cease all online activity and remove any computer systems that may be compromised from the network
  • Disconnect the Ethernet cable and/or any other network connections (including wireless connections) to isolate the system from the network and prevent any unauthorized access (DO NOT POWER DOWN THE COMPUTER)
  • Immediately contact FARMERS STATE BANK at 605-928-7991 so the following steps may be taken:
    • Disable online access to accounts
    • Change online banking passwords
    • Open new account(s) as appropriate
  • File a police report
  • Contact Law Enforcement
    • Contact your local FBI field office to report the crime and file a complaint with the FBI's Internet Crime Complaint Center (IC3).
    • Your company may also report the crime to Homeland Security Investigations' Cyber Crimes Center by completing the Online ICE Tip Form or calling 1-866-DHS-2-ICE.
    • Request that your law enforcement contact work with IC3's Recovery Asset Team (RAT) to liaise with financial institutions to recover your stolen money. Contact RAT through your local FBI field office.
    • Notify applicable regulators and licensing authorities (including state and federal agencies) as required. For examples of regulators and licensing authorities who may need to be notified in the event of a security incident or breach.
  • Check and Keep Fraudsters Out
    • Scan and scrub all communications systems for viruses, malware and other intrusions and security gaps, including email forwarding rules. Keep records of any viruses, malware or other intrusions that have been removed.
    • Require employees to change passwords immediately and use strong passwords.
  • Document and Recover
    • Preserve all communications and records related to the scam, including email communications and the IP address records used by the fraudster to access the company's systems. This information will be helpful to law enforcement.
    • Review insurance coverage to determine whether coverage is available in the event of financial loss and provide notice to the insurance carrier.
© 2024 Farmers State Bank All rights reserved.