CATO
CATO or Corporate Account Takeover is a type of business
identity theft where criminals gain control of a business bank
account by stealing employee passwords and other credentials.
Corporate Account Takeover (CATO) is a form of corporate
identity theft where a business' online banking credentials
are stolen by malware. Criminal entities can then initiate
fraudulent banking activity, including wire transfers and ACH
payments. Corporate Account Takeover Fraud involves
compromised identity credentials and is NOT a compromise to
the ACH Network, wire transfer system, or bank systems. CATO
is specific to compromises on individual / business
computers.
Losses from Corporate Account Takeover are not covered under
Regulation E and, by agreement, are generally the responsibility
of the customer; therefore, corporations and businesses need to
take proper precautions to protect their computers and financial
information to avoid financial and reputation losses.
Businesses need to evaluate their systems. Systems should have
secure internet browsers. There are several products and the
type of protection / security software is the individual choice
of each business or corporation.
Some of the signs of a compromised computer are:
- "System Unavailable" messages while banking online
-
Changes in the way your online banking application appears
-
Unexpected requests for a one-time password/token in a session
- Unusual pop-up messages
- Computer locks up
- Dramatic loss of PC speed
- Unexpected rebooting or restarting of PC
- New or unexpected toolbars or icons
-
Inability to shut down or restart PC·Warnings from
anti-virus or anti-malware software
Suggestions for Computer Security
- Establish a dedicated computer for online banking
- Prohibit web browsing, emailing and social networking
- Use anti-virus and anti-spyware technology
- Use secure browser technology
- Do not leave computers unattended or unlocked
- Use spam filters and pop-up blockers
-
Install routers and firewalls to prevent unauthorized access
-
Do not use public Wi-Fi hotspots such as in cafes and airports
If you should become a victim of Corporate Account Takeover, you
should immediately contact law enforcement and all financial
institutions that you conduct business with. Document all
information available for any investigation.
if you suspect that your business account has been compromised,
contact law enforcement immediately and file a report. Also,
contact ALL financial institutions with which you conduct
business.
|