Security Articles & Alerts
March 20, 2025

What is Corporate Account Takeover?
Corporate Account Takeover is a type of business identity theft where cyber thieves gain control of a business’ bank account by stealing employee passwords and other valid credentials. Thieves can then initiate fraudulent electronic funds transfers, commonly wires or ACH transactions and/or steal sensitive information that may not be recoverable.

How could my information become compromised?
Cyber thieves commonly target small businesses because many lack firewalls and monitoring systems. Information is obtained through phishing, phone calls, and even social networks. It is common for thieves to send emails posing as a trusted party, for example; a bank, a colleague, delivery company, court or the Better Business Bureau. Once the email is opened, malware is loaded on the computer which then records login credentials and passcodes and reports them back to the criminals.

Best Practices

Educate all employees on this type of fraud scheme:

  • Review risky behavior with employees, especially when opening unsolicited emails.
  • Educate employees on what suspicious websites and malicious “computer optimization” software looks like.

Enhance the security of computer networks:

  • Minimize the number of machines used for various business functions. Consider conducting online banking on dedicated machines segregated from other business functions.
  • Always lock computers when unattended, especially those with administrator access.
  • Install and maintain anti-virus, anti-malware and anti-spam programs that periodically scan file systems.
  • Utilize firewalls and routers to restrict network access.
  • Ensure that programs are consistently updated through an organized patching process.
  • Consider creating regular backup copies of system files.
  • Encrypt hard drives if possible, and if not, encrypt important documents including those containing sensitive information.
  • Avoid utilizing open internet access points for internet connectivity.
  • Be aware of emerging information security threats and what measures can be taken to mitigate the risk of unauthorized intrusion.

Enhance processes and procedures for corporate banking activity:

  • When conducting Automated Clearing House ACH or wire transfer activities, utilize dual controls through two separate computers.
  • Verify confirmation channels for approval and notification of activity
    with your financial institution.
  • If for any reason your account information or settings have been changed without proper authorization, contact your financial institution immediately.

Understand responsibilities and liability:

  • Ensure that you understand the account agreement you have entered into with your financial institution. Understand how liability is determined for cases of fraud.

What to do if a breach is suspected:

  • Cease all online activity and remove any compromised systems from the network.
  • Ensure all proper authorities are contacted, such as senior management at your firm, information technology personnel, banking institutions, and the police.
  • Maintain a written log of events that have transpired since abnormal
    activity was detected.
  • Consider what kind of data might have been accessed by the intruding party.
  • File a police report and provide any facts known about the circumstances surrounding the loss.

Below are some steps you can take to ensure your computer is hardened against a cyber threat.

  • Keep Your Software Up to Date: Ensure that your operating system, applications, and antivirus software are always up to date. Cyber attackers often exploit known vulnerabilities in outdated software.
  • Enable Firewall Protection: A firewall helps monitor and control incoming and outgoing network traffic, acting as a barrier between your computer and potential threats.
  • Use Antivirus and Anti-Malware Software: Install reputable antivirus and anti-malware software on your computer and keep it up to date. These programs can help protect against viruses, worms, Trojans, and other malicious software.
  • Encrypt Your Data: Use full-disk encryption to protect the data on your computer from unauthorized access. Modern operating systems offer built-in encryption options.
  • Regularly Backup Data: Backup your important data and files regularly to an external drive or a secure cloud service. In case of ransomware or other data loss incidents, having a backup can be a lifesaver.Set Screen Locks and Biometric Authentication: Use PINs, passwords, patterns, or biometric authentication such as fingerprint or facial recognition.

If you need more information or any other assistance, please call The Village Bank’s Digital Banking department at (617) 340-1234.

You are now leaving The Village Bank

Weblinks – By clicking the link to an outside URL, you will enter a web site created, operated and maintained by a private business or organization. The Village Bank provides this link as a service to our website visitors. We are not responsible for the content, views, or privacy policies of this site. We take no responsibility for any products or services offered by this site, nor do we endorse or sponsor the information it contains. Village Bank is not responsible for the accessibility of this link. Email – Email is not secure. Time-sensitive requests or private information, such as account numbers, should not be sent via email.

You will be redirected to

Click the link above to continue or CANCEL

Skip to content