Security Statement Access Accounts Online

 

Corporate Account Takeover

Examples of Deceptive Ways Criminals Contact Account Holders

 

  1. The FDIC does NOT directly contact bank customers (especially related to ACH and Wire transaction, account suspensions, or security alerts), nor does the FDIC request bank customers to install software upgrades. Such messages should be treated as fraudulent and the account holder should permanently delete them and not click on any links.

  2. Messages or inquires from the Internal Revenue Service, Better Business Bureau, NACHA, and almost any other organization asking the customer to install software, provide account information or access credentials is likely fraudulent and should be verified before any files are opened, software is installed, or information is provieded.

  3. Phone calls and text messages requesting sensitive information are likely fraudulent.  If in doubt, account holders should contact the organization at the phone number the customer obtained from a different source (such as the number they have on file, that is on their most recent statement, or that is from the organization's website).  Account holders should not call phone numbers (even with local prefixes) that are listed in the suspicious email or text message.

Resources for Business Account Holders

  1. The Better Business Bureau's website on Data Security Made Simpler: http://www.bbb.org/data-security.

  2. The Small Business Administration's (SBA) website on Protecting and Securing Customer information:http://community.sba.gov/community/blogs/community-blogs/business-law-advisor/how-small-businesses-can-protect-and-secure-customer-information;

  3. The Federal Trade Commission's (FTC) interactive business guide for protecting data: http://www.ftc.gov/bcp/edu/multimedia/interactive/infosecurity/index.html

  4. The National Institute of Standards and Technology's (NIST) Fundamentals of Information Security for Small Businesses: http://csrc.nist.gov/publications/nistir/ir7621/nistir-7621.pdf;

  5. The jointly issued "Fraud Advisory for Businesse: Corporate Account Takeover" from the U.S. Secret Service, FBI, IC3, and FS-ISAC available on the IC3 website (http://www.ic3.gov/media/2010/CorporateAccountTakeOver.pdf) and

  6. NACHA - The Electronic Payments Association's website has numerous articles regarding Corporate Account Takeover for both financial Institutions and banking customers: http://www.nacha.org/c/Corporate_Account_Takeover_Resource_Center.cfm.