WHAT CAN YOU DO TO KEEP YOUR BUSINESS SECURE?

• Educate your employees about cybercrimes. Make sure your employees understand that just one infected computer can lead to an account takeover.

• Make them very conscious of the risk, and teach them to ask the question:  “Does this e-mail or phone call make sense?” before they open attachments or provide information.

• Block access to unnecessary or high-risk websites. Prevent access to any website that features adult entertainment, online gaming, social networking and personal e-mail. Such sites could inject malware into your network.

• Establish separate user accounts for every employee accessing financial information and limit administrative rights. Many malware programs require administrative rights to the workstation and network in order to steal credentials. If your user permissions for online banking include administrative rights, don’t use those credentials for day-to-day processing.

• Use approval tools in cash management to create dual control on payments. Requiring two people to issue a payment – one to set up the transaction and a second to approve the transaction – doubles the chances of stopping a criminal from draining your account.

• Review or reconcile accounts online daily. The sooner you find suspicious transactions, the sooner the theft can be investigated.

CORPORATE ACCOUNT TAKEOVER is a type of fraud where thieves gain access to a business’ finances to make unauthorized transactions, including transferring funds from the company, creating and adding new fake employees to payroll, and stealing sensitive customer information that may not be recoverable. The American Bankers Association recommends following these tips to keep your small business safe.

• Educate your employees. You and your employees are the first line of defense against corporate account takeover. A strong security program paired with employee education about the warning signs, safe practices, and responses to a suspected takeover are essential to protecting your company and customers.

• Protect your online environment. It is important to protect your cyber environment just as you would your cash and physical location. Do not use unprotected internet connections. Encrypt sensitive data and keep updated virus protections on your computer. Use complex passwords and change them periodically.

• Partner with your bank to prevent unauthorized transactions. Talk to your banker about programs that safeguard you from unauthorized transactions. Positive Pay and other services offer call backs, device authentication, multi-person approval processes and batch limits help protect you from fraud.

• Pay attention to suspicious activity and react quickly. Look out for unexplained account or network activity, pop ups, and suspicious emails. If detected, immediately contact your financial institution, stop all online activity and remove any systems that may have been compromised. Keep records of what happened.

• Understand your responsibilities and liabilities. The account agreement with your bank will detail what commercially reasonable security measures are required in your business. It is critical that you understand and implement the security safeguards in the agreement. If you don’t, you could be liable for losses resulting from a takeover. Talk to your banker if you have any questions about your responsibilities.

Additional Resources

The following links are provided solely as a convenience to our Business/Commercial Online Banking customers. Franklin Bank neither endorses nor guarantees in any way the organizations, services, or advice associated with these links or any link found on this page.  Franklin Bank is not responsible for the accuracy of the content found on these sites.

• Federal Communications Commission: 10 Cybersecurity Strategies for Small Businesses

• AccountTakeoverDesc041819 (nacha.org)