Understanding Business Account Takeover

How Attacks Happen

Cybercriminals target victims using social engineering in an attempt to lure and trick business employees into installing malware. Once the malware is downloaded onto the employee’s computer it will run unnoticed until it can capture the employee’s business online banking credentials. The cybercriminal will then log into the business’s online banking account to create and transmit unauthorized Electronic Fund Transfers (EFTs), normally ACH or wire, to an account they control. To better understand the challenges facing online security within the financial institution industry, watch: PBS News Hour; Online Crime a Cat-and-Mouse Game for Hackers & Security Companies.

Case Study

IT Firm Loses $100,000 to Online Bank Fraud:

"A New Hampshire-based IT consultancy lost nearly $100,000 after thieves broke into the company's bank accounts with the help of 10 co-conspirators across the U.S.

Hudson, N.H. based Cynxsure LLC received a voicemail message from its bank, Swift Financial, a Wilmington, Delaware institution that focuses on offering financial services to small businesses. The message said to contact the bank to discuss an automated clearing house (ACH) payment batch that had been posted to Cynxsure's account. The next day, Cynxsure's owner Keith Wolters returned the call and learned from Swift that someone had put through an unauthorized batch of ACH transfers totaling $96,419.30.

The batch payment effectively added 10 new individuals to the company's payroll, sending each slightly less than $10,000. None of the individuals had any prior business or association with Cynxsure."