Increased Suspicious Activity Aimed at Corporate Online Banking Platforms

December 2009

One of our highest priorities is ensuring our customers' online banking safety and security. There have been various reports in the news recently regarding increased occurences of "corporate account takeover" attempts. As a result we want to make you aware of the associated risks and provide suggestions for safeguarding your business's assets and information.

"Corporate account takeover" is when cyber-thieves gain control of a business's bank account by stealing the business's valid online banking credentials. Although there are several methods being employed to steal credentials, the most prevalent involves malware (malicious software) that infects a business's computer workstations and laptops.

A business can become infected with malware via infected documents attached to an e-mail or a link contained within an e-mail that connects to an infected web site. In addition, malware can be downloaded to users' workstations and laptops by visiting legitimate websites - especially social networking sites - and clicking on the documents, videos or photos posted there. This malware can also spread across a business's internal network.

Here are some recommendations to help protect your business from becoming a victim of corporate account takeover:

1. Initiate ACH and wire transfer payments under dual control. For example:

• One person authorizes the creation of the payment file.
  
• A second person authorizes the release of the file.

2. Ensure that all anti-virus and security software and mechanisms for all computer workstations and laptops that your business uses for online banking activities are robust and up-to-date.

3. Restrict functions for computer workstations and laptops that are used for online banking activities:

• For example, a workstation used for online banking should not be used for general web-browsing and social networking.
  
• A better solution is to conduct online banking activity including payments from a dedicated computer that is not used for other online activity, and/or is not connected to an internal network.

4. Monitor and reconcile accounts daily. Many business clients do not reconcile their bank accounts on a daily basis, and therefore may not recognize fraudulent activity until it is too late to take action.

To report suspicious activity or if you have questions about this notice, please contact our Customer Service Center at 847-653-7974.

Thank you,
Cole Taylor Bank

Terms & Conditions  |  Privacy Policy

Member FDIC  |   Equal Housing Lender |  Copyright 2007  |  All rights reserved