You would have to be living in a cave not to have seen the plethora of news articles, advertisements, seminars, and so on relating to personal identity (ID) theft. But are you familiar with Corporate Account Takeover (CAT)?
This ID thieving CAT is all about business, where the dollar and information risk of loss is greater. The American Bankers Association defines CAT as: a type of fraud where thieves gain access to a business’ finances to make unauthorized transactions, including transferring funds via check, wire or ACH from the company, creating and adding new fake employees to payroll, and stealing sensitive customer information that may not be recoverable.
CAT lurks online—and in dumpsters
In the paper world, thieves may “dumpster dive” to get account statements, take confidential information off of a desk or lying out in a public place within the business, steal account statements and check payments lying on desks or out of unlocked mailboxes.
According to the 2014 AFP Payments Fraud and Control Survey:Checks remain the payment type most vulnerable to fraud attacks; 82% of organizations affected by payments fraud report that checks were targeted; and, among organizations suffering a financial loss due to payments fraud, the typical loss was $23,100.
Not too many years ago, I didn’t consider check fraud to be ID theft (or, if it is committed against a business, corporate account takeover) but under the definitions today, that is exactly what it is.
CAT loves phish
Today’s thieves target employees through email phishing, phone calls, and even social networks. It is common for thieves to send emails posing as a bank, vendor known to the company, law enforcement agencies, federal government agencies, or other trusted businesses. Once the employee opens the email or clicks on a link embedded in the email, malware is loaded on their computer. The malware then records login credentials and passcodes and reports them back to the criminals. Since the cyber thief has gained control of the user ID, password, and other login credentials they are able to access online sites such as online banking.
Once in online banking, the thief initiates fraudulent wire and ACH transactions to accounts controlled by the thieves. The funds are then quickly withdrawn making recovery almost impossible. The thief may also be able to access confidential account information such as account numbers, check numbers, and balances, which perpetuates the previously mentioned check fraud.
Some of the warning signs your network or access device may have been compromised include:
- Inability to log into online banking (thieves could be blocking your access so you don’t see the theft until the money is gone and criminals have control of it)
- Dramatic loss of computer speed
- Changes in the way images appear on the screen
- Computer locks up so the user is unable to perform any functions
- Unexpected rebooting or restarting of the computer
- Unexpected request for a one time password (or token) in the middle of an online session
- Unusual pop-up messages, especially a message in the middle of a session that says the connection to the online system is not working (system unavailable, down for maintenance, etc.)
- New or unexpected toolbars and/or icons
- Inability to shut down or restart the computer
Scared of CAT? With the right precautions, you don’t have to be
Next month, I will write about how to prevent and mitigate the risk of corporate account takeover. In the meantime, stay secure and remain vigilant—and feel free to pass this post along to anyone in your organization who’s allergic to CAT (and that should be EVERYONE).