Protecting Against Corporate Account Takeover

What is Corporate Account Takeover?

Corporate account takeover is a form of business identity theft in which an unauthorized party gains access to a company’s bank accounts. Once access is obtained, the attacker can initiate fraudulent transactions, transfer funds, or steal sensitive customer data for use in additional attacks. This is carried out through digital channels, making it a form of cyber fraud.

This type of fraud is a growing concern, particularly for small and mid-sized businesses. It's important for organizations to understand the risks and implement proactive security measures to help reduce their exposure.

What Leads to Corporate Account Takeover?

A common misconception about cyber fraud is that it is always complex or highly technical. In reality, many attackers rely on social engineering, deceptive tactics that trick users into handing over their login credentials, or on automated guessing of weak and reused passwords. Common credential-based attack methods include:

  • Phishing: Attackers send emails or texts that appear to come from a legitimate financial institution and link to a lookalike login page. When recipients enter their login information on that page, they hand the attacker working credentials for the real account.
  • Spear phishing: A more targeted form of phishing, where attackers research specific individuals and craft convincing messages designed to manipulate them into revealing sensitive information.
  • Password spraying: Instead of targeting a single account with many password guesses, attackers take a short list of common passwords and try each one across many accounts. Because every account sees only one or two attempts, per-account lockout thresholds are never reached.
  • Credential stuffing: Using username and password pairs exposed in previous data breaches, attackers use automated tools to try those combinations across many other websites or systems. It works whenever people reuse the same password on more than one service.
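Password spraying and credential stuffing leave a recognizable shape in authentication logs: one source address failing against many different accounts, each only once or twice, which is exactly what keeps both techniques under per-account lockout. A classic brute-force attack looks different (one account, many failures). The script below is an added illustration written for this page, not the bank's own monitoring; the log format, thresholds, and IP addresses are constructed for the example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of authentication events (invented, not real traffic), one per line:
# "<ISO timestamp> <source IP> <username> <FAIL|OK>"
SAMPLE_AUTH_LOG = """
2024-03-04T02:00:01 203.0.113.7 alice FAIL
2024-03-04T02:00:02 203.0.113.7 bob FAIL
2024-03-04T02:00:03 203.0.113.7 carol FAIL
2024-03-04T02:00:04 203.0.113.7 dave FAIL
2024-03-04T02:00:05 203.0.113.7 erin FAIL
2024-03-04T02:00:06 203.0.113.7 frank FAIL
2024-03-04T02:00:07 203.0.113.7 grace OK
2024-03-04T02:10:00 198.51.100.9 alice FAIL
2024-03-04T02:10:01 198.51.100.9 alice FAIL
2024-03-04T02:10:02 198.51.100.9 alice FAIL
2024-03-04T02:10:03 198.51.100.9 alice FAIL
2024-03-04T02:10:04 198.51.100.9 alice FAIL
2024-03-04T02:10:05 198.51.100.9 alice FAIL
2024-03-04T09:15:00 192.0.2.44 alice FAIL
2024-03-04T09:15:30 192.0.2.44 alice OK
"""

def parse_events(text):
    """Parse the log into (timestamp, source, user, result) tuples in time order."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, user, result = line.split()
        events.append((datetime.fromisoformat(ts), src, user, result))
    return sorted(events)

def classify_sources(events, window=timedelta(minutes=15), min_failures=5):
    """Label each source IP by the shape of its failures inside a sliding window.

    spray-or-stuffing: at least min_failures distinct accounts, no account failing
                       more than twice (the pattern that stays below lockout limits)
    brute-force:       at least min_failures failures, all against one account
    Sources that never reach min_failures in any window (a user mistyping once)
    get no label.
    """
    fails_by_src = defaultdict(list)
    for ts, src, user, result in events:
        if result == "FAIL":
            fails_by_src[src].append((ts, user))
    labels = {}
    for src, fails in fails_by_src.items():
        start = 0
        for end in range(len(fails)):
            while fails[end][0] - fails[start][0] > window:
                start += 1
            chunk = fails[start:end + 1]
            if len(chunk) < min_failures:
                continue
            per_user = defaultdict(int)
            for _, user in chunk:
                per_user[user] += 1
            if len(per_user) >= min_failures and max(per_user.values()) <= 2:
                labels[src] = "spray-or-stuffing"   # outranks any earlier brute-force label
            elif len(per_user) == 1 and src not in labels:
                labels[src] = "brute-force"
    return labels

def suspect_compromises(events, labels):
    """Accounts that logged in successfully from a source already labelled as
    spraying or stuffing: the guessed or reused password worked, so these
    accounts need an immediate password reset and activity review."""
    return sorted({user for _, src, user, result in events
                   if result == "OK" and labels.get(src) == "spray-or-stuffing"})

if __name__ == "__main__":
    evts = parse_events(SAMPLE_AUTH_LOG)
    lbls = classify_sources(evts)
    print(lbls)
    print("accounts to reset:", suspect_compromises(evts, lbls))
```

The thresholds (five failures in fifteen minutes, at most two per account) are starting points; tune them against a few days of your own log volume so that a help-desk password reset or a shared office NAT address does not trigger the rule.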

How do I protect myself and my business?

Each business should assess its risk of Corporate Account Takeover and develop a plan that incorporates best practices to help prevent and reduce that risk. The best practices outlined in this guide are intended to serve as a starting point and reference, but they may not represent every step a business should take to address these risks. While following these practices won’t guarantee complete protection, they can make it significantly more difficult for criminals to target your business.

Computer and Internet Security

System Security

Businesses should use appropriate tools to prevent unauthorized network access and keep those tools, along with operating systems and applications, patched and up to date. Recommended tools include firewalls; endpoint security suites with anti-malware, anti-spyware, and anti-botnet protection; full-disk encryption for laptops and other hard drives; and VPNs or other encrypted channels for remote access and communication. Educating all computer users about responsible internet use is also essential.

Online Banking Safety

For secure financial management, dedicate a single computer exclusively to online banking and cash management. This device should be isolated from the business network and be used only for banking. Avoid using this computer for web browsing, email, or social networking.

Always verify that banking sessions use a secure "https" connection and that the address bar shows the financial institution's own domain. The padlock alone only proves the connection is encrypted; phishing sites use https too, so the domain name is what matters. Avoid conducting online banking over public Wi-Fi, such as at airports or cafes. If the online banking interface appears unusual or suspicious, for example an unexpected request for additional credentials or a long "please wait" screen after login, stop immediately and contact the financial institution directly using a phone number you already know.
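The domain check above is mechanical enough to script, and the same logic applies to links in email before anyone clicks them. The following is an added example for this page, not the bank's own software: BANK_DOMAIN is a placeholder for the institution's real domain, and the sample links are constructed to show the common disguises (wrong scheme, the bank's name as a subdomain of an attacker's domain, the name hidden in the user:password@ part of the URL, a hyphen-for-dot lookalike, and a non-ASCII homoglyph).

```python
from urllib.parse import urlsplit

# Assumed placeholder for the institution's real web domain; substitute the domain
# printed on your statements. This is not the bank's actual configuration.
BANK_DOMAIN = "examplebank.com"

# Constructed sample links of the kind that arrive in phishing email (not real sites).
SAMPLE_LINKS = [
    "https://online.examplebank.com/login",                  # genuine subdomain of the bank
    "http://examplebank.com/login",                          # right name, but not https
    "https://examplebank.com.account-verify.example/login",  # bank name as a subdomain of an attacker domain
    "https://examplebank.com@evil.example/login",            # bank name in the userinfo part; host is evil.example
    "https://examplebank-com.net/",                          # hyphen-for-dot lookalike
    "https://examplebаnk.com/",                              # Cyrillic 'а' homoglyph in the host
]

def link_verdict(url, expected_domain=BANK_DOMAIN):
    """Return (ok, reason). ok is True only for an https URL whose host is exactly
    expected_domain or a subdomain of it; any other outcome is a reason not to click."""
    parts = urlsplit(url.strip())
    if parts.scheme.lower() != "https":
        return False, f"not https (scheme={parts.scheme or 'none'})"
    # .hostname drops any user:password@ prefix and lower-cases the host, so the
    # userinfo trick in SAMPLE_LINKS resolves to the attacker's host, not the bank's.
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return False, "no host in link"
    if not host.isascii():
        return False, f"non-ASCII host {host!r} (possible homoglyph)"
    if host == expected_domain or host.endswith("." + expected_domain):
        return True, "host matches"
    # Flatten separators so "examplebank.com.evil.example" and "examplebank-com.net"
    # both reveal the bank's name embedded in a host the bank does not own.
    squashed = host.replace(".", "").replace("-", "")
    if expected_domain.replace(".", "") in squashed:
        return False, f"lookalike host {host}"
    return False, f"host {host} is not {expected_domain}"

def check_links(links):
    """Apply link_verdict to each link, returning (url, ok, reason) triples."""
    return [(url, *link_verdict(url)) for url in links]

if __name__ == "__main__":
    for url, ok, reason in check_links(SAMPLE_LINKS):
        print("OK  " if ok else "BAD ", url, "->", reason)
```

Note that a passing verdict only means the link points at the expected domain over https; it says nothing about whether the page behind it is genuine if the bank's own site were compromised, which is why the advice to type the address yourself rather than follow emailed links still stands.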

Employee Education

Train all employees on cybercrime risks, emphasizing that even one infected device can compromise the entire network. For example, malware picked up on a laptop used offsite can infect the business network upon reconnection.

Encourage critical thinking when handling emails or phone calls—employees should ask, “Does this make sense?” and avoid opening suspicious emails or attachments. Links and compressed files may contain malware; suspicious messages should be deleted without interaction.

Advise employees to verify any unexpected requests for login credentials or sensitive information by contacting the institution directly, not by replying to the message or using provided links. Remind them that legitimate financial institutions or government agencies never ask for passwords, PINs, or similar data via email or phone.

Website Access

Block access to unnecessary or high-risk websites and personal email on work computers. Consider using allow-listing tools to restrict browsing to approved sites only. Promptly deactivate or remove access for employees who no longer require it due to role changes or departure. Require strong passwords that are unique to each system, including online banking, so that a password exposed in an unrelated breach cannot be replayed against your accounts (the credential-stuffing scenario above); change them immediately whenever compromise is suspected, and enable multi-factor authentication wherever it is offered.

User Accounts

Create an individual user account for each employee and give day-to-day accounts standard, non-administrator privileges. Much malware needs administrator rights to install, so withholding those rights blocks many unauthorized software installations outright. Use online banking features to set per-transaction and daily limits, which cap the damage a fraudulent payment or transfer can do before it is noticed.

Stay Informed

Stay up to date on the latest Corporate Account Takeover threats and defense strategies. Cyber threats evolve quickly, so regularly monitor industry alerts and fraud resources to adapt your security measures accordingly.


Online Banking Account Security

Dual Control

Businesses should implement dual control for payment processing, assigning separate employees to initiate and authorize transactions. Ideally, one employee creates the payment file, while another approves and releases it from a different computer, so that malware on a single workstation cannot complete both steps. Never allow a single employee to both initiate and authorize payments, and never use administrator credentials for either step.
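The controls in this section and the transaction limits mentioned under User Accounts fit together as a small set of rules that an approval step must check. The class below is an added illustration for this page only; it is not the bank's online-banking system, and the role names, limits, user names, and workstation identifiers are assumed.

```python
class PaymentDesk:
    """Assumed model of a business payment queue with dual control and limits.
    Illustration only; not the bank's system or its real role names."""

    def __init__(self, per_payment_limit, daily_limit):
        self.per_payment_limit = per_payment_limit
        self.daily_limit = daily_limit
        self.roles = {}             # user -> set of roles: "initiator", "approver", "admin"
        self.payments = {}          # payment_id -> details
        self.released_today = 0.0

    def add_user(self, user, *roles):
        self.roles[user] = set(roles)

    def _reject_admin(self, user):
        # Administrator credentials manage users and settings; they never move money.
        if "admin" in self.roles.get(user, set()):
            return "administrator credentials may not be used to process payments"
        return None

    def initiate(self, user, payment_id, amount, payee, device):
        problem = self._reject_admin(user)
        if problem:
            return False, problem
        if "initiator" not in self.roles.get(user, set()):
            return False, f"{user} is not an initiator"
        if payment_id in self.payments:
            return False, "duplicate payment id"
        if amount > self.per_payment_limit:
            return False, f"amount {amount:.2f} exceeds per-payment limit {self.per_payment_limit:.2f}"
        self.payments[payment_id] = {"amount": amount, "payee": payee, "initiated_by": user,
                                     "initiated_on": device, "approved_by": None}
        return True, "pending approval"

    def approve(self, user, payment_id, device):
        p = self.payments.get(payment_id)
        if p is None:
            return False, "no such payment"
        if p["approved_by"] is not None:
            return False, "already released"
        problem = self._reject_admin(user)
        if problem:
            return False, problem
        if "approver" not in self.roles.get(user, set()):
            return False, f"{user} is not an approver"
        if user == p["initiated_by"]:
            return False, "initiator may not approve their own payment (dual control)"
        if device == p["initiated_on"]:
            return False, "approval must come from a different computer than initiation"
        if self.released_today + p["amount"] > self.daily_limit:
            return False, "daily release limit would be exceeded"
        p["approved_by"] = user
        self.released_today += p["amount"]
        return True, "released"

def demo():
    """Walk through the cases the guidance describes; returns (step, ok, reason) triples."""
    desk = PaymentDesk(per_payment_limit=10000, daily_limit=25000)
    desk.add_user("ana", "initiator", "approver")
    desk.add_user("ben", "approver")
    desk.add_user("root", "admin", "initiator", "approver")
    steps = [
        ("ana initiates P1",            desk.initiate("ana", "P1", 8000, "ACME Supplies", device="ws-ana")),
        ("ana approves her own P1",     desk.approve("ana", "P1", device="ws-ana")),
        ("ben approves P1 on ws-ana",   desk.approve("ben", "P1", device="ws-ana")),
        ("ben approves P1 on ws-ben",   desk.approve("ben", "P1", device="ws-ben")),
        ("root (admin) initiates P2",   desk.initiate("root", "P2", 100, "Anyone", device="ws-root")),
        ("ana initiates P3 over limit", desk.initiate("ana", "P3", 20000, "Anyone", device="ws-ana")),
        ("ana initiates P4",            desk.initiate("ana", "P4", 9000, "Payroll", device="ws-ana")),
        ("ben approves P4",             desk.approve("ben", "P4", device="ws-ben")),
        ("ana initiates P5",            desk.initiate("ana", "P5", 9000, "Rent", device="ws-ana")),
        ("ben approves P5, daily cap",  desk.approve("ben", "P5", device="ws-ben")),
    ]
    return [(name, ok, reason) for name, (ok, reason) in steps]

if __name__ == "__main__":
    for name, ok, reason in demo():
        print("ALLOW" if ok else "DENY ", name, "->", reason)
```

The daily cap in the last step is the point of the transaction limits: even with a stolen initiator and approver pair, the attacker cannot drain more than the configured amount per day, which leaves time for daily reconciliation to catch it.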

Reconciliation

Reconcile accounts online daily, paying particular attention to pending or recently sent ACH files and wire transfers, so that an unauthorized payment is caught while the bank may still be able to stop or recall it.

Account Services

Take advantage of security services offered by First Federal Bank of Kansas City, such as positive pay. Work with us to identify and implement the most appropriate protections.

Monitoring and Reporting Suspicious Activity

Regularly monitor account activity and promptly report any suspicious transactions or behaviors—such as logins at unusual times, creation of new user accounts, or unauthorized transfers—to First Federal Bank of Kansas City. Early reporting enables the bank to block access and investigate potential fraud quickly.
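The three indicators named above (logins at unusual times, creation of new online-banking users, transfers that do not fit the business's normal pattern) can be checked automatically against the activity export or audit log the bank provides. The script below is an added example for this page, not the bank's reporting tool; the log format, the business-hours window, the known-payee list, and the amount threshold are all assumed, and the events are constructed to show one attacker sequence next to one normal morning.

```python
from datetime import datetime

# Constructed sample of online-banking audit events (invented, not real data),
# one per line: "<ISO timestamp> <event> key=value ..."
SAMPLE_AUDIT_LOG = """
2024-03-04T03:17:45 login user=ana ip=203.0.113.7
2024-03-04T03:19:02 user_created user=ana new_user=ops2 role=approver
2024-03-04T03:21:30 transfer user=ops2 amount=9800.00 payee=New_Vendor_LLC
2024-03-04T09:02:10 login user=ana ip=192.0.2.44
2024-03-04T09:05:00 transfer user=ana amount=4200.00 payee=ACME_Supplies
"""

# Assumed baseline for the business: payees it has paid before, its working hours,
# and the amount above which any transfer deserves a second look.
KNOWN_PAYEES = {"ACME_Supplies", "Payroll_Provider"}
BUSINESS_HOURS = range(7, 19)      # 07:00-18:59 local time
LARGE_AMOUNT = 5000.00

def parse_audit(text):
    """Parse each line into (timestamp, event kind, {field: value})."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, kind, *pairs = line.split()
        fields = dict(p.split("=", 1) for p in pairs)
        events.append((datetime.fromisoformat(ts), kind, fields))
    return events

def review(events, known_payees=KNOWN_PAYEES, hours=BUSINESS_HOURS, large=LARGE_AMOUNT):
    """Return (timestamp, category, detail) for each event matching an indicator:
    off-hours login, new user creation, or a transfer to a first-time payee or
    at/above the large-amount threshold."""
    alerts = []
    for ts, kind, f in events:
        if kind == "login" and ts.hour not in hours:
            alerts.append((ts, "off-hours-login",
                           f"{f['user']} logged in at {ts:%H:%M} from {f['ip']}"))
        elif kind == "user_created":
            # Any new online-banking user is reported; attackers add their own approver
            # to satisfy dual control with credentials they hold.
            alerts.append((ts, "user-created",
                           f"{f['user']} created online-banking user {f['new_user']} with role {f['role']}"))
        elif kind == "transfer":
            amount = float(f["amount"])
            reasons = []
            if f["payee"] not in known_payees:
                reasons.append("first payment to this payee")
            if amount >= large:
                reasons.append(f"amount {amount:,.2f} at or above {large:,.2f}")
            if reasons:
                alerts.append((ts, "unusual-transfer",
                               f"{f['user']} sent {amount:,.2f} to {f['payee']}: " + "; ".join(reasons)))
    return alerts

def alert_categories(text):
    """Convenience wrapper: the category of each alert raised for a log text, in order."""
    return [category for _, category, _ in review(parse_audit(text))]

if __name__ == "__main__":
    for ts, category, detail in review(parse_audit(SAMPLE_AUDIT_LOG)):
        print(f"{ts:%Y-%m-%d %H:%M} {category:16} {detail}")
```

Run against the sample, the 03:17 login, the new approver, and the 9,800 payment to an unknown payee each raise an alert, while the 09:02 login and the 4,200 payment to an existing supplier do not. Every alert is something to report to the bank the same day, before the transfer settles.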

Credential Management

Avoid using administrator credentials for everyday transaction processing. Attackers who gain access to these credentials can create fraudulent user accounts and transactions or even lock legitimate users out of the system.

What to Do If You Are a Victim of Corporate Account Takeover

  • Monitor and Isolate
    Regularly review all accounts to detect unauthorized activity. Immediately stop using any computer suspected of being compromised and disconnect it from the internet and the business network. Do not power it off, wipe it, or reinstall it before investigators have examined it; the evidence of how the takeover happened is on that machine.
  • Notify Us
    Contact First Federal Bank of Kansas City right away if you believe your login credentials have been compromised. Request to:
    • Disable online account access
    • Change online banking passwords
    • Open new accounts if necessary
    • Have the bank’s security officer and auditor review recent transactions, electronic authorizations, and online bill pay
    • Verify no unauthorized address changes, check orders, or debit card requests have been made
    • Temporarily hold all transactions until verbal confirmation is provided
  • Document Everything
    Keep a detailed written record of the incident, including what happened, losses incurred, and all communications with banks, law enforcement, and other agencies. Note dates, times, contacts, report numbers, and instructions received.
  • Engage Experts and Authorities
    Work with law enforcement to investigate affected equipment. File a police report, providing full details of the incident. Obtain the report number, officer name, and contact information. A police report supports insurance claims, bank investigations, and may lead to criminal prosecution and recovery efforts.

If at any time you have questions regarding security or possible fraud, please contact one of our customer service representatives at (816) 245-4225 or via email at digitalbanking@ffbkc.com.

Additional Resources

We encourage our business customers to use the following resources to create comprehensive cyber security policies and to stay up-to-date on best practices.

Federal Trade Commission Protecting Small Businesses

Federal Communications Commission Cyber Security for Small Businesses

Better Business Bureau’s Cybersecurity HQ
