We want you to be aware of a growing type of online fraud that is impacting both individuals and businesses worldwide.
There has been a shift in the online criminal world from primarily targeting individuals to increased targeting of businesses, stealing valid Internet Banking credentials belonging to small and medium-sized companies to transfer funds fraudulently.
Sophisticated identity thieves are now targeting home and business computers to access confidential and sensitive information. Once these criminals are able to tap into your computer system, they can acquire your Login IDs and Passwords through key logging spyware and pose as you to access your online accounts, including your bank accounts. They can then conduct unauthorized transactions that appear to be legitimate transactions conducted by the company or an employee. This type of crime is known as "corporate account takeover."
Internet Banking Impact
With respect to Internet Banking, the greatest threat from this type of fraud is that the criminal will use the information obtained from the key logging spyware to transfer funds electronically from a deposit account using wire transfer, Bill Pay, or Automated Clearinghouse (ACH). Funds withdrawn from the account are typically routed to banks in the U.S. and credited to accounts opened by the criminals or their accomplices. The funds are then promptly withdrawn or wired overseas, making recovery extremely difficult.
It is important for you to understand and remember that, according to our Electronic Banking Access Agreement, we consider a transaction to be authorized by you and will honor online instructions we receive when the proper Login ID and Password are given. We will not be liable for losses if your Login ID and Password are stolen through an unprotected computer, except where required by law.
How the Scam Typically Works
This identity theft technique does not involve a breach of the bank’s security systems; instead, it is typically carried out via mass emails, pop-up messages that appear on victims' computers, and/or the use of social networking and Internet career sites. For example, a “spear phishing” email is unsolicited, names the recipient correctly, and contains either an infected file or a link to an infected website. The email recipient is generally a person within a company who can initiate funds transfers or payments on behalf of the business.
Criminals often employ some type of scare tactic to entice the employee to open the email and/or provide account information. Once the user opens the attachment or clicks the link to open a website, malicious software (or "malware") is covertly installed on the user’s computer. This malware contains a keystroke logger or screenshot capability, which captures the user’s credentials and sends them to the criminals.
Many types of spear-phishing have been used by criminal groups, including:
- Messages impersonating legitimate businesses such as:
  - Better Business Bureau (e.g., “A complaint has been filed against you.”),
  - U.S. Court System (e.g., “You have been served a subpoena.”),
  - UPS (e.g., “There has been a problem with your shipment.”) or
  - Financial Institutions (e.g., “There is a problem with your banking account.”)
- Making the email appear to be providing information regarding current events such as natural disasters, major sporting events, and celebrity news.
- Sending a fake friend request on a social networking site with an infected "accept" button/link.
- Using email addresses or other credentials stolen from company websites or victims, such as relatives, co-workers, friends, or executives, and designing an email to look like it is from a trusted source to entice people to open emails and click on links.
- In addition, simply visiting a legitimate, yet compromised, website could install malware on your computer(s).
This threat is not limited to the Login ID and Password you use to access Internet Banking; it also extends to every account or website you access by use of a Login ID and Password (e.g., brokerage accounts, online merchant accounts, etc.). The biggest challenge is that it will be difficult for you to detect the presence of key logging spyware on your computer or determine whether your Login IDs and Passwords have already been compromised.
So How Do You Protect Yourself?
We strongly advise you to consider the following actions in order to guard your information and finances as securely as possible.
Educate everyone within your company about this type of fraud scheme.
- Don’t respond to or open attachments or click on links in unsolicited emails.
- If a message appears to be from your financial institution and requests account information, do not use any of the links provided. Call the financial institution using the information provided upon account opening to determine if any action is needed. Financial institutions do not send customers emails asking for passwords, credit card numbers, or other sensitive information.
- Be wary of pop-up messages claiming your machine is infected and offering software to scan and fix the problem, as it could actually be malicious software that allows the fraudster to remotely access and control your computer.
- Be suspicious of emails purporting to be from a government department or other agency requesting account information, account verification, and/or login credentials.
- Make sure your employees know how and to whom to report suspicious activity within your company and at your financial institution.
Enhance the Security of Computer Hardware & Software
- Ensure all computers are protected with up-to-date, real-time anti-virus, anti-spyware, desktop firewall, and malware detection and removal software, and scan for viruses regularly.
- Do not use public Internet access points (e.g., Internet cafes, public wi-fi hotspots (airports), etc.) to access accounts or personal information. If using such an access point, employ a Virtual Private Network (VPN).
Establish Computer Best Practices, such as:
- Minimize the number of, and restrict the functions for, computer workstations and laptops that are used for financial activity (Internet Banking, payments, remote deposit, etc). A computer used for Internet Banking should not be used for general web browsing, emailing, and social networking. Conducting financial activity from a dedicated computer that is not used for other online activity will help establish a more secure environment to protect your financial information.
- Limit administrative rights on users' workstations to help prevent the inadvertent downloading of malware or other viruses.
- Consider clearing the browser cache before starting an Internet Banking session in order to eliminate copies of web pages that have been stored on the hard drive. How the cache is cleared will depend on the browser and version. This function is generally found in the browser's preferences menu.
Establish User Best Practices, such as:
- Create a strong Password with at least 10 characters and include a combination of mixed case letters, numbers, and special characters.
- Prohibit the use of "shared" Login IDs and Passwords; never share a Password with third parties.
- Use a different Password for each Website that is accessed.
- Change Passwords a few times each year.
- Never leave a computer unattended while using any online banking or investing service.
- When logging into your Internet Banking, if something looks different or unusual, call the financial institution using the information provided upon account opening to determine if any action is needed.
Establish Account Controls, such as:
- Reconcile all banking transactions on a daily basis.
- Set up dual authorization controls for all ACH and wire transfer payments with a separate originator and authorizer through Landmark Bank's Internet Banking (Internet CFO®). Use two different computers, if possible.
- Set up transaction dollar limits for all ACH and wire transfer payments with dual authorization controls through Landmark Bank's Internet Banking (Internet CFO®).
- Immediately escalate any suspicious transactions to the financial institution. There is a limited recovery window for these transactions and immediate escalation may prevent further loss.
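The daily reconciliation described above can be partly automated on the business side. The following is an added example, not part of the bank's guidance or of Internet CFO®: it compares a day's transaction export against the payments the business itself approved and flags anything that breaks the dual authorization or dollar limit rules. The CSV layout, column names, user names, limits, and sample rows are all constructed assumptions.

```python
import csv
import io
from decimal import Decimal

# Constructed sample export; the column names and every value are hypothetical.
BANK_EXPORT = """date,type,payee,amount,originator,authorizer
2024-03-04,ACH,Acme Supplies,1250.00,alice,bob
2024-03-04,WIRE,Northside Holdings,48000.00,alice,alice
2024-03-04,ACH,Payroll Batch 17,9300.00,carol,bob
2024-03-04,WIRE,Unknown Trading Co,7400.00,carol,bob
"""

# Payments the business approved for the day, taken from its own records.
APPROVED = {
    ("ACH", "Acme Supplies", Decimal("1250.00")),
    ("WIRE", "Northside Holdings", Decimal("48000.00")),
    ("ACH", "Payroll Batch 17", Decimal("9300.00")),
}

# Assumed per-transaction dollar limits by payment type.
LIMITS = {"ACH": Decimal("10000"), "WIRE": Decimal("25000")}


def reconcile(export_text, approved, limits):
    """Return [(payee, [reasons])] for every transaction that needs escalation."""
    findings = []
    for row in csv.DictReader(io.StringIO(export_text)):
        amount = Decimal(row["amount"])
        reasons = []
        # 1. Every outgoing payment must match one the business approved.
        if (row["type"], row["payee"], amount) not in approved:
            reasons.append("not in approved ledger")
        # 2. Dual authorization: originator and authorizer must differ.
        if row["originator"].strip().lower() == row["authorizer"].strip().lower():
            reasons.append("originator and authorizer are the same user")
        # 3. Dollar limit; a payment type with no configured limit is always flagged.
        if amount > limits.get(row["type"], Decimal("0")):
            reasons.append("exceeds dollar limit")
        if reasons:
            findings.append((row["payee"], reasons))
    return findings


if __name__ == "__main__":
    for payee, reasons in reconcile(BANK_EXPORT, APPROVED, LIMITS):
        print(f"ESCALATE {payee}: {'; '.join(reasons)}")
```

Any flagged payment should be escalated to the financial institution immediately, as the last item above explains.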
If you suspect you are a victim of fraud or identity theft, learn what you need to do, and contact our Fraud Department or call toll-free (866) 256-8700.