Protect Your Business Online
Corporate account takeover is the business equivalent of personal identity theft.
Hackers, backed by professional criminal organizations, are targeting small and
medium businesses to obtain access to online banking service credentials or gain
remote control of their computers. Using these sophisticated techniques to take
over your accounts, hackers will then attempt to gather personal information about
your business or try to transfer money from the compromised bank accounts, funneling
the funds through "mules" that quickly redirect the monies overseas into hackers'
As a business owner, you need an understanding of how to take proactive steps to
avoid, or at least minimize, most threats.
Online Business Banking Best Practices
- Use the latest versions of system and applications current with updates from the
vendors' websites. For example, use Windows® update feature and install
any critical updates and service packs that are available. Enable with "pop-up"
- Use virus and spyware protection software and keep it up to date in order to detect
- Use a software and/or hardware firewall to protect your computer from network intrusion.
- Make sure that any wireless network to which you connect your computer is secure
and requires data encryption.
- Do not download files, install software or open email attachments from unverified
or unknown sources.
- Use a dedicated computer for financial transaction activity. DO NOT use this computer
for general web browsing and email.
- Turn off your computer when not in use.
- Do not batch-approve transactions; be sure to review and approve each one individually
prior to approving and transmitting.
- Review your banking transactions regularly.
- Utilize online business banking account activity alerts.
- Set time restriction access on users' access.
- Request IP Restrict to limit access to your online business banking by IP address(es).
- Enforce dual wire controls and/or ACH dual controls for users.
- Limit number of users with administrative access.
- Only use the administrator login profile for managing users – not for general use.
- Perform a routine audit of your network and security controls you have in place.
Download and install Trusteer Rapport™ Internet browser protection free from Lewiston State Bank.
Lewiston State Bank will never solicit your personal information by phone, auto-dialer,
text message, email or providing links within an email requesting that you update
your information. You will not receive any email notification asking you to click
a link or visit a website to unlock your account or to provide any private information
unless otherwise requested by you through the Online Banking password self-reset
feature. If you receive an email or phone call requesting confidential information
from someone claiming to represent Lewiston State Bank, please do not respond.
Please be aware of these types of
phishing scams designed to obtain information from you.
Report Fraud or Suspicious Activity