Corporate Account Takeover
Corporate Account Takeover (CATO) is a form of corporate identity theft where a business’ online credentials are stolen by using social engineering, viruses, and malware. Criminal entities use these methods as a way to gain access to your private bank information and then initiate fraudulent banking activity. Although there are several methods to steal credentials, the most prevalent involves malware that infects a business' computer workstations and laptops.
Helpful hints to prevent corporate account takeover:
- Ensure all business networks/computers are frequently updated with current anti-virus software and firewalls.
- Ensure computers are patched regularly particularly operating system and key application with security patches. It may be possible to sign up for automatic updates for the operating system and many applications.
- Use caution when opening emails and clicking on (or even hovering over) any links that come from unknown sources. Simply navigating to a page or hovering over a link can potentially infect your machine.
- Use strong passwords and change them often.
- Pay attention to alert emails sent from the bank as they are there to notify you of unusual activity regarding your online profile. (i.e., new recipient added to payroll, password change, etc.).
- Avoid using an automatic login features that save usernames and passwords for online banking.
- Never access bank, brokerage or other financial services information at Internet cafes, public libraries, public Wi-Fi spots, etc. Unauthorized software may have been installed to trap account number and sign on information leaving the customer vulnerable to possible fraud.