Avoid Account Takeovers

Thieves have developed increasingly sophisticated and malicious techniques to steal money. They thwart existing authentication controls, gain control of customer accounts, and transfer funds to people hired to help launder funds and send them overseas -- beyond the reach of financial institutions and law enforcement.

 

What are account takeovers?

Many account takeover schemes target small- to medium-sized business customers since their account balances are generally higher than consumer accounts and their transaction activity is generally greater, which makes it easier to hide the fraudulent transfers.

Constant vigilance against downloading from unknown sites or clicking on banner ads may be the only way to avoid becoming an account takeover victim.

An effective tool in the internet thief's arsenal is keylogging. Keyloggers can be surreptitiously installed on a PC when a customer visits an infected website or clicks on an infected website banner advertisement or email attachment. Keylogging can also be accomplished via a hardware device plugged into the PC, which stores the captured data for later use. Generally small in size and adept at hiding themselves on the user's PC, keylogger files often go undetected by most antivirus programs.

Thieves use keyloggers to steal the logon ID, password, and challenge question answers of financial institution customers. This information alone, or in conjunction with stolen browser cookies loaded on the criminal's PC, may enable them to log into the customer's account and transfer funds to accounts controlled by the thief, usually through wire or ACH transactions.

Other types of more sophisticated malware allow man-in-the-middle (MIM) or man-in-the-browser (MIB) attacks. In one scenario, the cyber thief is able to intercept the authentication credentials submitted by the customer and log into the customer's account. In another scenario, they do not intercept the credentials, but modify the transaction content or insert additional transactions not authorized by the customer which, in most cases, are funds transfers to accounts controlled by the thief. They conceal their actions by directing the customer to a fraudulent website that is a mirror image of the financial institution's website, or sending the customer a message claiming that the institution's website is unavailable and to try again later. Cyber thieves may have the capacity to delete any trace of their attack from the log files.

 

Report Fraud

Commerce Bank wants to know if you have experienced any fraudulent activity on your account. Call us at (800) 698-2265 and follow these steps.