Posted On: August 14, 2025 by Prevail Bank in: Business

You’re Being Targeted --- MUST DOs for Safe Business Banking
Cyber criminals are constantly trying to break into business accounts to extort money – this is called a Corporate Account Takeover, or CATO. With the advantage of artificial intelligence, these attacks are increasing in frequency and sophistication.
The FBI's Internet Crime Report shows just how big this problem is. In 2024, people reported over $16 billion in losses from internet crimes, which is a huge 33% increase from the year before! So, protecting your business is more important than ever.
How Criminals Steal Your Banking Information:
Criminals are using new ways to get their hands on your confidential data. They employ advanced technologies like Artificial Intelligence (AI) and black market services that do not need the level of technical expertise once required.
- Impersonation is still used in the vast majority of malicious activities.
- Phishing emails with malicious links mimic well known businesses such as Microsoft, Netflix, and Norton to convince the victim it is safe to click and respond.
- “Deepfake" technology in video calls and voice messages pretend to be bank employees and business partners tricking employees into giving up passwords or approving fake transactions.
- Malicious software is spreading in new ways now.
- Instead of installing new viruses, attackers are now using tools already on your computer (like PowerShell or WMI) to do their dirty work. This makes it much harder for regular antivirus software to catch them.
- Some advanced malware can infect your devices without you even clicking on anything. Just receiving a bad message or visiting a compromised website can be enough.
- If you have internet-connected devices in your office like smart speakers (Alexa, Ring, etc.) that aren't properly secured, they can become entry points for hackers. Once in, they can move to other computers or servers on your network.
- Attackers can now secretly change your online banking session in real-time, adding fake transactions or altering real ones. It’s almost impossible to notice something is wrong. This happens when there are weaknesses in your network settings or if your browser software isn't up to date.
What Corporate Account Takeovers Look Like:
Once a criminal gets your banking information, they pretend to be you to your bank. Then, they quickly figure out how to steal the most money possible by looking at your account details and past transactions.
- Criminals are using automated programs to quickly send money through wire transfers or ACH payments (like direct deposits) to many different fake accounts, often located all over the world, to make them harder to trace.
- They’re using AI to find smaller business accounts with weaker security systems. They know false automatic bill payments might go unnoticed until it's too late to get the money back.
- With the rise of instant payment systems (like FedNow in the US), criminals are taking advantage of how quickly money can move. They can steal funds almost instantly, leaving very little time to detect the fraud and get your money back.
Warning Signs Your Computer System Might Be Compromised:
While some signs are still the same, new ones are appearing due to how attacks have changed:
- Your computer becomes dramatically slow or constantly sluggish.
- Your screen, desktop icons, or browser settings change unexpectedly.
- Your computer frequently crashes, freezes, or restarts on its own.
- You get strange or unexpected requests for a multi-factor authentication (MFA) code (like a code sent to your phone) while you're online, especially if you didn't ask for one.
- You see constant or unusual pop-up messages, especially those claiming system errors, problems connecting to your bank, or demanding immediate action.
- New or unexpected toolbars, browser add-ons, or programs appear that you didn't install.
- You can't shut down, restart, or update your computer.
- Files or folders appear or disappear unexpectedly, or their permissions change.
- You notice unusual internet activity, like high data usage when your computer is not in use.
- Your webcam or microphone lights turn on when you're not using them.
MUST DOs for Safe Online Business Banking:
To protect your business from CATO attacks, you need a multi-faceted approach. This means using a combination of technology, strong employee training, and careful oversight.
- Review & Improve Business Operations & Procedures:
- Daily Check of Transactions: It's still vital to check your transactions daily. Look into automated tools that can help you spot anything unusual. For large transactions, always have a separate person manually double-check them.
- Strict Duties with Extra Security (MFA): Make sure different people are responsible for different parts of financial transactions. One person starts the transaction, another (using a separate, secure device) approves it, and ideally, a third person verifies it. Use strong Multi-Factor Authentication (MFA) for all online banking logins and for approving high-value transactions. This could involve physical security tokens, fingerprint/face recognition, or codes from an app.
- Report Issues Immediately: Have clear rules for instantly reporting any suspicious activity, unauthorized transactions, or anything that seems off with your computer system to your bank.
- Implement Strong Technical Protections:
- Advanced Firewalls & Network Separation: Use "Next-Generation Firewalls" that can identify and block harmful internet traffic. Also, separate your critical financial systems and data from the rest of your network. This stops attackers from easily moving around your system if they get in.
- Go Beyond Basic Antivirus (EDR/XDR): Don't just rely on old-school antivirus software. Invest in "Endpoint Detection and Response" (EDR) or "Extended Detection and Response" (XDR) solutions. These tools constantly monitor your devices, network, and cloud for threats and can automatically respond. Make sure they are always updated.
- Automated Updates (Patch Management): Automate updates for your computer's operating system, web browsers, and all important programs. This also includes updates for network devices and smart devices. New vulnerabilities appear all the time, so quick updates are crucial.
- Smart Email Security: Use advanced email security systems that use AI to spot sophisticated fake emails, targeted phishing attempts, and "Business Email Compromise" scams, including those that might use deepfake clues.
- Strong Passwords and Password Managers: Require all employees to use strong, unique passwords for every account. These passwords should be complex, long, and changed regularly. Use a trusted business password manager to help employees keep track of them securely.
- Change Default Passwords & Secure Devices: Immediately change all default passwords on your network devices, routers, firewalls, and any smart devices. Also, follow security best practices for all your network equipment.
- Give Only Necessary Access: Limit what employees can do on their computers and servers to only what's absolutely necessary for their job. This reduces the damage if one of their accounts gets hacked.
- No Auto-Login or Saved Passwords: Never use automatic login features or let your web browser save usernames and passwords for online banking or other sensitive financial websites.
- Stay Alert: Never leave a computer unattended while you're using any online banking service.
- Avoid Public Wi-Fi for Banking: Don't access your bank accounts or other financial services using public Wi-Fi networks (like at coffee shops, libraries, or airports). Assume these networks are not secure. If you must access something remotely, use a secure Virtual Private Network (VPN), but ideally, do sensitive transactions from a secure, private network.
- Regular Backups and Recovery Plan: Have a strong plan for regularly backing up your business data (both in your office and off-site, ideally in a completely separate location). Also, have a detailed plan for how you'll recover quickly if your account is taken over or you experience another cyber incident.
- Ongoing Employee Security Training: Conduct and require frequent security training for all employees. Focus on current threats like deepfake phishing, social engineering tricks, and why it's important to report anything suspicious. Use fake phishing exercises to test and reinforce their training.
By putting these updated best practices into action, your business will be much better protected against the increasingly clever Corporate Account Takeover threats in 2025. Being proactive, constantly monitoring, and having a well-informed team are your strongest defenses.
Here are some more helpful resources:
- Federal Trade Commission – Understanding the NIST cybersecurity framework
- Small Business Administration – Strengthen your cybersecurity
- National Institute of Standards & Technology (NIST) - Cybersecurity
- Small Business Cybersecurity Center
- FBI-C3 website
- Wisconsin Department of Agriculture – Scam and Fraud Tips
At Prevail Bank, your financial health is our priority.