Home / Customer Support / Fraud Info / Business Online Banking Threat

Business Online Banking Threat

According to several government agencies, Web-based commercial EFT origination applications are being targeted by criminals using malicious software, including Trojan horse programs, keystroke loggers, and other spoofing techniques designed to avoid online authentication controls.

Typically, the compromise is carried out through a “spear phishing” email that names the recipient correctly and contains either an infected file or a link to an infected website. The e-mail recipient is generally a person within a company who can initiate fund transfers or payments on behalf of the business.

Once the user opens the attachment, or clicks the link to open the website, malware is installed on the user’s computer and collects the user’s corporate online banking credentials.  User’s computers can also be infected by drive-by downloads when visiting websites hosting malicious code that exploits browser vulnerabilities.

The fraud is carried out when the fraudster creates another user account from the stolen credentials or directly initiates a funds transfer masquerading as the legitimate user.

Recommendations

Account Controls

  • Initiate wire payment transfers and ACH under dual control, with a transaction originator and separate transaction authorizer.
  • Reconcile all transactions on a regular basis. Daily, if possible.
  • Consider account services that may aid in monitoring account activity, such as positive pay.

Best Practices

  • If you perform high value or a large number of online banking transactions, consider a stand-alone, hardened PC used only for this purpose.
  • Be suspicious of emails purported to be from the bank, government agency or any source that is requesting account information, account verification or banking access credentials such as user names, passwords or similar information.
  • Opening file attachments or clicking on web links in suspicious emails may expose your system to malicious code.
  • If you have broadband or a dedicated connection to the internet, install a dedicated, actively managed firewall.
  • Use strong passwords at least 10 characters in length with a combinations of letters, numbers and special characters.
  • Prohibit the use of “shared” usernames and passwords for online banking access.
  • Change your password regularly.
  • Limit administrative rights on user’s workstations to help prevent the inadvertent downloading of malware and other viruses.
  • Ensure virus protection and other security software is updated regularly, as well as operating system and key application security patches.  Consider installing spyware protection programs.
  •  Verify use of a secure session (https not http) in the browser for all online banking.
  •  Avoid using automatic login features that save usernames and passwords for online banking.
  • Do not use a workstation from an untrusted source to access online banking. 

Notification

  • Notify staff with access to online banking so they can take precautionary steps.
  • Notify the bank if you receive any communication requesting account information or access credentials.
  • Immediately escalate any suspicious activity or transactions to the attention of the bank, particularly wire transfers or ACH.

Contact us for more information.