Criminals are increasingly shifting from individual targets to corporate targets, and small to medium-sized businesses are especially vulnerable. Eastern European organized crime groups are using USA-based accomplices to perpetrate fraud, criminally moving millions of dollars to overseas locations via ACH and wire transfers.
How Clients are Vulnerable
A client typically becomes compromised through "spear-phishing", which is the use of a fraudulent email that appears to be a credible communication. When the recipient opens the email and clicks on enclosed links or attachments, the infected file or Web site installs malware on the user's computer, permitting a criminal to track keystrokes and capture otherwise secure log-in information. Criminal groups have used spear-phishing under the guise of communications from the Better Business Bureau, US Court System and UPS, as just a few examples.
Once the fraudster has obtained your online credentials, common methods to obtain access to your funds are to hijack a secure web session or create a new ID and password and initiate fund transfers separately.
Recommendations for Clients
CapitalMark Bank & Trust recommends the following Account Control measures to help create safeguards against potential breach of security:
- Utilize online account features that add protection, e.g., check cashing limitations and automated payment filters.
- Employ daily reconciliation of all banking transactions.
- Use dual-controls for ACH and wire transfer payments - separate originator and transaction authorizer.
Other best practices include the following:
- For clients processing high value and high volume online transactions, consider employing a stand-alone, locked down computer system which does not have email capability.
- Verify with your financial institution or government body when you receive email communications that you did not anticipate. Do not use links included in these emails - typically your financial institution will process everything through its official site, which you should access independently.
- Install a dedicated and actively managed firewall.
- Train your personnel to use a strong password with at least 10 characters, using a mix of alpha-numeric combinations and lower- and upper-case letters.
- Prohibit any shared online IDs and passwords among multiple users.
- Employ a variety of passwords for each log-on site accessed.
- Change your password regularly.
- Never share ID and password with third-party providers.
- Limit administrative rights for your employees so they are unable to download malware or viruses embedded in seemingly harmless new applications.
- Use commercial anti-virus and desktop firewall – often the "free" software will not provide protection against the latest threats.
- Use and update security patches regularly – if possible, sign up for automatic updates to your operating system and other applications.
- Install spyware detection programs.
- Clear the browser cache before starting Online Banking sessions, to eliminate residual copies of web pages stored on your hard drive.
- Verify use of a secure session – https and not http – for all online banking.
- Avoid using Automatic Log-in features for online banking or investing.
- Never leave your computer unattended during any online banking or investing session.
- Do not access online banking or investing from a public computer, e.g., in public libraries, coffee houses, etc. Unauthorized software may have been installed to trap account number and sign-on information.
Additional steps you can take:
- Be familiar with your Account Agreement and your responsibilities and liability for fraud under the agreement and the Uniform Commercial Code for your jurisdiction.
- Keep connected with other businesses to share information about suspected fraud.
- Promptly escalate suspicious transactions to CapitalMark – especially regarding ACH and wire transactions. Take advantage of a limited recovery window for these transactions, and protect yourself from further loss.
Recommendation for Clients
If you are a victim of fraud, your next steps should include:
- Immediately cease interaction with the computer system that may be compromised and disconnect the system's connections to stop continued remote access by the criminal.
- Importantly, do not give anyone access to this system until it can be inspected by bank or law enforcement computer forensic professionals.
- Immediately contact CapitalMark and we will do the following:
  - Disable your online accounts.
  - Assist you in changing online passwords.
  - Open new accounts as appropriate.
  - Review all recent transactions and electronic authorizations in the account.
  - Verify any requests for Address change, Title change, PIN change, new cards ordered, checks or other documents requested to a separate address.
- Obtain Customer Assistance or Fraud Prevention contact numbers on your monthly statements, or call CapitalMark at 423.756.7878 (Chattanooga) and 865-329-3471 (Knoxville).
- File a Police Report with the local authorities and supply facts and circumstances surrounding the loss. A complete police report will assist you as you deal with insurance companies, banks, etc., and will aid the Police department in investigating and hopefully identifying and prosecuting the perpetrator.
- Create a log that shows the timeline of what happened, your response, and the date and time of any conversations with CapitalMark, your insurance company, or any other officials, including phone numbers, the individuals you spoke to, and other relevant instructions or information you received.
- Consider that if you use your business system to conduct personal online banking, you could be exposed to the threat of identity theft individually. Further recommendations to combat the threat of identity theft can be viewed at the Federal Trade Commission's Identity Theft website: www.ftc.gov/bcp/edu/microsites/idthef.
- In tandem with your law enforcement investigative and forensic recommendations, consider employing a qualified computer forensic/information security professional.
CapitalMark Bank & Trust values your business and is dedicated to assisting you in partnership to safeguard the financial assets you've entrusted to us. If we can be an additional resource to you in your risk management review and assessment, please don't hesitate to contact your Banker Team.