If someone you hadn’t met before asked you to provide them with your corporate account details, you’d instantly become suspicious. Many people understand how important it is to keep their login details, data, and files confidential. It’s also well-understood that the corporate purse strings must be carefully controlled by authorised users. However, these situations are rarely that simple. Cyber attackers don’t just ask for your account credentials—they take them in any way they can.
Corporate account takeover is a type of workforce identity theft where an unauthorised user gains access to a corporate bank account. Once the attacker breaches the account, they have free rein to siphon off funds into their own accounts or steal sensitive customer information for further attacks.
These attacks are only becoming more common and more consequential. Corporate account takeovers in the US tripled in 2017, and increased an additional 35% in the first half of 2018. The good news is that organisations are not powerless to prevent corporate account takeover—they just have to educate and prepare themselves to know how to detect and respond to a takeover attempt.
What Leads to Corporate Account Takeover?
One of the biggest misconceptions about cyber attacks is that they are all highly technical. In reality, many attackers rely on deception to trick users into surrendering their login details. The same is true of corporate account takeover. Examples of authentication attacks that lead to corporate account takeover include:
- Phishing schemes: Attackers can send emails and texts that seem like the communications of trusted financial institutions. Unsuspecting users then enter their login information, effectively handing over their account details to the attacker.
- Spear phishing campaigns: Attackers research and pick a target and create messaging specifically to manipulate them into providing their login information.
- Password spraying: Hackers gather lists of commonly-used passwords and try the same common password across multiple accounts, eventually gaining access.
- Credential stuffing: Attackers obtain credentials thanks to website breaches or password dump sites, and then use automated tools to test if these credentials will lead to a successful login.
Preventing Corporate Account Takeover
Preventing corporate account takeover means defending against these cyber attacks, and that requires a combination of technology and education. We recommend the following steps:
- Prepare all users: Anyone could be targeted for attack, even employees without direct access to corporate finances. Train everyone in your organisation on how to spot potential phishing emails or malware-infected websites. Have users report any suspicious communications so that you can track how you’re being targeted.
- Follow best practices: Account takeover attacks are evolving all the time, and while users may not spot every threat, they can avoid many invisible ones simply by following best practices. These include keeping passwords totally confidential—or avoiding them altogether—and only signing into corporate accounts on trusted networks.
- Implement multi-factor authentication: Passwords are easily compromised, but users can fortify their accounts by using multi-factor authentication. By requiring the user to submit a second authentication factor, like a biometric identifier, organisations can block unauthorised access attempts.
- Take context into account: With contextual access management policies, organisations can further shield their user accounts from access breaches. They can prompt users for additional authentication factors, or deny access altogether, if a login attempt comes from an unproven or logically implausible device, IP address, network, or location.
Corporate account takeover is trending to become an increasingly large problem, but that doesn’t mean your organisation has to fall prey. With these strategies and solutions, you can safeguard your user accounts and keep your finances and information safe. Read more about how to protect your credentials and avoid fraudulent account takeover.