Disclosures
Corporate Account Takeover (CATO) is a type of fraud of corporate identity theft where cyber thieves use some form of malware to obtain login credentials to online banking accounts and fraudulently transfer funds from the account. Employees are targeted through phishing, phone calls and social networks. Malware is software designed to infiltrate a computer system without the owner’s informed consent and includes computer viruses, worms, Trojan horses, spyware, dishonest adware, crimeware, most rootkits and other malicious and unwanted software. Malware can be an “infected” document attached to an email or an infected web site visited. Domestic and international wire transfers, business-to-business ACH payments, online bill pay and electronic payroll payments have all been used to commit this crime.
The following are things that can be done to protect the business:
- Secure your computer(s) and networks
- Do not allow any software to be installed without prior approval
- Install and maintain spam filters
- Surf the internet carefully
- Install and maintain real-time anti-virus/anti-spyware/firewall software and keep it up to date
- Install routers and firewalls to prevent unauthorized access to your computer or network
- Install security updates to operating systems and all applications as they become available
- Block pop-ups
- Do not open attachment from e-mail (Be alert for suspicious emails)
- Do not use public internet access points
- Recommend dual control from separate devices
- Reconcile accounts daily
- Note any changes in the performance of your computer (Dramatic loss of speed, computer locks up, unexpected rebooting, unusual popups)