It's not a matter of if - it's a matter of when. Stay informed and stay safe.
Businesses have the extra responsibility of protecting their customers' information. Click below to find out more about protecting your customers from email compromises, corporate identity theft, and internet fraud as well as the measures Southside takes to prevent online crime.
The act of using someone's personal information illegally and without their knowledge to obtain bank accounts, credit cards, loans, make purchases, or file false tax returns.
Individuals masquerade as legitimate companies and send what looks to be an official message that requests you "update" or "verify" any other sensitive information.
Corporate Account Takeover (CATO) is a form of corporate identity theft where cyber thieves gain control of a business’ bank account by stealing employee passwords and other valid credentials.
Email account compromise (EAC) is a form of fraud perpetrated on consumers and businesses in an attempt to get you to send funds transfers, ACH transfers and/or check payments. Email account compromise perpetrated on business customers is known as Business Email Compromise or BEC.
The fraudsters find their targets primarily through social media, publicly available company email accounts or social engineering. After the email addresses are harvested, a series of phishing or malware attacks are sent hoping a recipient will click on a hyperlink or open an infected attachment that will allow control of the email account.
If successful, the criminals will divert email conversations so that they are in total control without the victim knowing. They gain access to past email history and the victim’s contacts and customers. For BEC schemes they will target higher level employees within an organization that have funds transfer authority. They will send instructions from the compromised email address to send funds transfers, change payroll account numbers, create new ACH and Bill Pay recipients, or request cashier checks.
How can I protect myself?
Stay up-to-date on current email compromise fraud trends at https://www.fbi.gov/BEC.
There are many ways a business can see fraudulent activity, but one of the faster growing methods is via online banking. Corporate Account Takeover (CATO) is a form of corporate identity theft where cyber thieves gain control of a business’ bank account by stealing employee passwords and other valid credentials. Thieves can then initiate fraudulent wire and ACH transactions to accounts they control. Businesses with limited or no internal computer safeguards and disbursement controls for use with the bank’s online banking system are vulnerable to theft when cyber thieves gain access to their computer systems, typically through malicious software (malware). Malware infects a business’ computer system, not just through ‘infected’ documents attached to an email, but also simply when an infected website is visited. Businesses across the United States have suffered large financial losses over the last few years from electronic crimes through the banking system. Southside Bank has established safeguards to help the bank identify and prevent unauthorized access to your account; however, a shared responsibility between the bank and customer is the most effective way to prevent CATO.
Consider these tips:
Southside will continue to monitor online activity closely and appreciates all of the efforts of our customers in preventing online Cyber Crime. Please don’t hesitate to contact us with any questions regarding Corporate Account Takeover as well as any other security issue.
"Phishing" - What is it?
Phishing is a form of criminal activity where individuals pose as legitimate entities to try to obtain or "fish" for personal information.
How does it work?
Individuals masquerade as legitimate companies and send what looks to be an official email, instant message, or fax requesting you "update" or "verify" credit card numbers, bank account information, Social Security numbers, passwords, and any other sensitive information. They will establish what financial institution you are affiliated with and send an official looking email from your bank to get account information.
"Pharming" - What is it?
Pharming is a criminal activity where a website's information is acquired and traffic on that website is directed to another location in order to obtain personal information.
How does it work?
If an individual wants to obtain information illegally they will set up a fraudulent website that looks like the real web site in almost every aspect. They will then use "phishing" tactics to entice people to the website to divulge personal information such as pin numbers, account numbers and passwords.
Please Note: Southside Bank will NEVER send an unsolicited email requesting you to verify your personal information.
How can I protect myself?
As with all financial transactions, please exercise discretion when using an ATM or night deposit facility. For your own safety, be careful.
The following suggestions may be helpful:
©1994 Bankers Systems, Inc., St. Cloud, MN; Form UP-ATM-BRO
Click below for information on how to better protect yourself and your family from email compromises, identity theft, and internet fraud as well as the measures Southside takes to prevent online crime.