What is a Corporate Account Takeover (CATO) Attack?
Much like a traditional account takeover (ATO) attack, a Corporate Account Takeover involves an attacker gaining unauthorized access to, and control over, an account; the term is usually applied to a business's banking and payment accounts. The difference between a CATO and an ATO is the target: a business's account (or accounts) rather than an individual's. Once inside, the attacker can move money out by ACH or wire transfer to accounts they control, and can make recovery harder by changing credentials and authorizations so the legitimate owner is locked out.
How to Recognize This Threat: Attackers typically attempt corporate account takeover by stealing employee usernames, passwords, or personal information that lets them authenticate as the employee. The theft takes many forms: social engineering by email or through social media, credential stuffing (replaying username/password pairs leaked from other breaches), and brute-force or botnet-driven password guessing that tries many combinations quickly. The most targeted roles are purchasing, HR, IT, and management, because of the level of organizational access those roles carry. Operationally, the signals to watch for are many failed logins across different usernames from one source, many failures against a single account, and a successful login that follows such a burst, especially from a new device or location.
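The login-log signals described above, as an added example that is not part of the original article: a small detector that parses a constructed authentication log (timestamps, usernames and IP addresses are made up), flags credential stuffing (one source IP failing against many different usernames), flags brute force (many failures against one username), and then reports the successful logins that follow either pattern, prioritized by the role map the article's list of targeted functions suggests. Thresholds, the log format and the USER_ROLES mapping are assumptions for the example.

```python
"""Credential-stuffing and brute-force detection over login logs (added example)."""
from __future__ import annotations
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Constructed sample log (not from the article): timestamp user source_ip result
SAMPLE_LOG = """\
2024-03-04T09:00:01Z jsmith   203.0.113.10  FAIL
2024-03-04T09:00:02Z mlee     203.0.113.10  FAIL
2024-03-04T09:00:02Z akumar   203.0.113.10  FAIL
2024-03-04T09:00:03Z bchen    203.0.113.10  FAIL
2024-03-04T09:00:04Z dpatel   203.0.113.10  FAIL
2024-03-04T09:00:05Z rgarcia  203.0.113.10  SUCCESS
2024-03-04T09:10:00Z jdoe     192.0.2.5     FAIL
2024-03-04T09:10:20Z jdoe     192.0.2.5     FAIL
2024-03-04T09:10:40Z jdoe     192.0.2.5     SUCCESS
2024-03-04T09:30:00Z ap.clerk 198.51.100.7  FAIL
2024-03-04T09:30:15Z ap.clerk 198.51.100.7  FAIL
2024-03-04T09:30:30Z ap.clerk 198.51.100.7  FAIL
2024-03-04T09:30:45Z ap.clerk 198.51.100.7  FAIL
2024-03-04T09:31:00Z ap.clerk 198.51.100.7  FAIL
2024-03-04T09:31:15Z ap.clerk 198.51.100.7  FAIL
2024-03-04T09:31:30Z ap.clerk 198.51.100.7  FAIL
2024-03-04T09:31:45Z ap.clerk 198.51.100.7  FAIL
2024-03-04T09:32:00Z ap.clerk 198.51.100.7  FAIL
2024-03-04T09:32:15Z ap.clerk 198.51.100.7  FAIL
2024-03-04T09:33:00Z ap.clerk 198.51.100.7  SUCCESS
"""

# Assumed role map; the article names purchasing, HR, IT and management as the
# most targeted functions, so logins for those roles are triaged first.
USER_ROLES = {"rgarcia": "purchasing", "ap.clerk": "purchasing", "jdoe": "sales"}
HIGH_VALUE_ROLES = {"purchasing", "hr", "it", "management"}


@dataclass(frozen=True)
class LoginEvent:
    ts: datetime
    user: str
    ip: str
    ok: bool


def parse_log(text: str) -> list[LoginEvent]:
    """Parse the whitespace-separated log format used above, sorted by time."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, ip, result = line.split()
        when = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        events.append(LoginEvent(when, user, ip, result == "SUCCESS"))
    return sorted(events, key=lambda e: e.ts)


def _failure_windows(events, key, window):
    """For each failure as a window start, yield (key, failures within window)."""
    by_key = defaultdict(list)
    for e in events:
        if not e.ok:
            by_key[key(e)].append(e)
    for k, fails in by_key.items():
        for i, start in enumerate(fails):
            yield k, [f for f in fails[i:] if f.ts - start.ts <= window]


def detect_credential_stuffing(events, window=timedelta(minutes=5), min_users=5):
    """One source IP failing against many different usernames: the signature of
    credential stuffing (leaked pairs replayed) or a botnet. Returns {ip: users}."""
    alerts: dict[str, set[str]] = {}
    for ip, fails in _failure_windows(events, lambda e: e.ip, window):
        users = {f.user for f in fails}
        if len(users) >= min_users and len(users) > len(alerts.get(ip, set())):
            alerts[ip] = users
    return alerts


def detect_brute_force(events, window=timedelta(minutes=5), min_failures=8):
    """Many failures against a single username: password guessing. Returns {user: n}."""
    alerts: dict[str, int] = {}
    for user, fails in _failure_windows(events, lambda e: e.user, window):
        if len(fails) >= min_failures:
            alerts[user] = max(alerts.get(user, 0), len(fails))
    return alerts


def triage(events, roles=USER_ROLES):
    """The events that matter: a SUCCESS from a flagged IP or for a flagged user.
    That is a likely takeover rather than noise, so rank it by the victim's role."""
    stuffing = detect_credential_stuffing(events)
    brute = detect_brute_force(events)
    return [
        {"user": e.user, "ip": e.ip,
         "priority": "high" if roles.get(e.user) in HIGH_VALUE_ROLES else "medium"}
        for e in events
        if e.ok and (e.ip in stuffing or e.user in brute)
    ]


if __name__ == "__main__":
    for alert in triage(parse_log(SAMPLE_LOG)):
        print(alert)
```

The benign case (jdoe mistyping a password twice, then succeeding) produces nothing, while the stuffing source gets flagged even though it succeeded only once (rgarcia), and the single-account guessing run against ap.clerk is caught by the per-user rule. In production the same logic would run against the identity provider's sign-in logs with thresholds tuned to the environment, and the "success after a burst" rule is the one worth paging on.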
How to Prevent This Threat: Training employees is the starting point: they should be able to recognize phishing attempts and know how to report them. Password hygiene matters as well: employees should use strong, unique passwords (a password manager makes this practical) and change them whenever there is any sign of compromise; forcing routine rotation on a schedule is no longer recommended by NIST SP 800-63B, because it tends to produce predictable variations of the old password. Multi-factor authentication makes it much harder for an attacker to get in with a stolen username/password pair alone. Note that one-time codes delivered by SMS or generated by an app can still be relayed by a real-time phishing proxy, so phishing-resistant methods such as FIDO2/WebAuthn security keys are the stronger choice for high-value roles. A strong email security solution catches many phishing emails before they reach employee inboxes, and a web application firewall or bot-management layer in front of the login page can rate-limit and block credential stuffing and brute-force attempts. Finally, protect the money movement itself: require dual authorization for ACH and wire transactions (one user initiates, a second approves) and out-of-band confirmation of new payees, so that a single compromised login cannot drain the account on its own.