Account Takeovers: Everything You Need To Know

Since the onset of Covid-19 and the current global crises, accounting firms have experienced escalating cybersecurity threats and malicious cyberactivity. The Federal Bureau of Investigation’s (FBI) 2020 Internet Crime Report noted the FBI received a record number of complaints from the American public in 2020 and noted cybercrime is trending upward. According to the FBI’s report, business email compromise schemes are reported to be the costliest. CPA firms are at risk of ever-increasing cybersecurity threats because of the sensitive data  CPA firms possess about their clients, as well as information about their clients’ employees, vendors and customers. Cyber criminals are on the prowl for any breaches in cybersecurity practices; which is why it is important to understand what account takeovers are, and how this type of cyberthreat can greatly impact a CPA firm. 

What Does an Account Takeover Mean

An account takeover is a type of online fraud or identity theft in which a cyber criminal is able to illegally gain access to a user’s account credentials. A hacker acts as the real user and is able to “take over” an online account in order to complete malicious acts. Cyber criminals use various techniques to complete account takeovers. 

How Do Account Takeovers Happen?

There are myriad ways account takeovers occur. Some account takeovers are more sophisticated than others. Below are some of the more frequent methods of account takeovers.

• Gain access to an account. Hackers breach an account by guessing credentials or breaking into an account an intruder has previously accessed. SplashData’s 2019 research on worst passwords concluded that computer users continue to use predictable, easily guessable words and alphanumeric patterns as passwords. 
• Use brute force to obtain credentials. A brute force attack is a cyberattack in which hackers use a computer to try different combinations of usernames and passwords until they find one that works.  The computer tries every possible combination of every possible character to find the correct combination. 
• Persuade account users to click a link or download software. Research reported by ZDNet.com explained that hackers who understand human traits such as curiosity or interest can coax even a very conscientious person aware of cybersecurity into clicking on a potentially malicious link. 
• Insert themselves into email conversations. Recent account takeovers have occurred when hackers insert themselves into conversations as emails are sent over the public internet and they attempt to install malware. Many account takeovers begin with hackers using stolen passwords or other seemingly innocuous emails.

• Use malware and viruses to steal data. A common function of malware is to steal data. A virus can record keystrokes when passwords are typed and use the password to access accounts such as banking information. 

Hackers have countless techniques for committing cybercrime. Cyber criminals target diverse accounts and businesses in account takeovers. An account takeover can happen to individuals or businesses—regardless of the size of the entity. 

What’s the Cyber Criminal’s End Game for Account Takeovers?

Cyber criminals have countless reprehensible reasons for account takeovers, as noted below.

• Send out phishing emails. A phishing scam is when a nefarious source targets consumers by sending them an email which appears to be from a reliable source. The hacker asks the consumer to provide personal identifying information. The hacker then uses the information to invade the consumer’s accounts or to open new accounts. 
• Collect personal information. The cyber criminal’s goal is to gather personal information to be used for other types of identity theft such as credit card or insurance fraud. 
• Steal financial information. Hackers are looking for ways to make easy money by selling private information they access from accounts. Stolen information can be sold on the dark web. Cyber criminals conduct account takeovers to complete fraudulent transactions and transfers.
• Infect a computer with ransomware. The cyber criminal infects a computer with malicious malware which prevents access to files, systems or networks, and requires payment of a ransom for their return.
• Access further accounts within an organization. Account takeovers can morph from a personal attack on a singular computer as an entry to compromise an entire system or network.  

The threat of account takeovers continues to evolve as the number of scenarios cyber criminals can use to gain access to victim’s accounts also evolves. It is important for C-suite executives and tech experts to understand their cybersecurity vulnerabilities. 

What can C-suite Executives and Tech Pros Do To Protect Against Account Takeovers?

Accounting firms, with their access to sensitive financial and immense personal client data, are a prime target for cyber criminals. A knowledge of cybersecurity vulnerabilities can help accounting professionals adopt a heightened posture with respect to cybersecurity in order to fight against account takeovers. It is important to use preventive and predictive cybersecurity practices to guard against cyberthreats penetrating a network in order to keep sensitive and confidential data secure. 

• Stay vigilant. Employees need to stay vigilant at all times, which includes never opening emails from unknown sources, regardless if they appear legitimate. It is vital to not click on pop ups or links.
• Follow data protection guidelines. Confirm data is to be shared with outside sources. Comply with protocol regarding locked computers. Make sure personnel have updated knowledge of reporting processes. 
• Use multi-factor authentication. Create an authentication model in which a user must provide two or more pieces of evidence to verify their identity to access a digital resource. However, a major security concern is unauthorized mobile two-factor authentication validations. Employees should never accept a verification notification sent to their phone that they never initiated. Otherwise, hackers with knowledge of their password could gain direct access to their account.
• Enforce a solid password policy. Require personnel to comply with password guidelines which include strong and unique passwords and different passwords on every account. 
• Train employees. Educate employees about the risks of account takeovers and basic prevention measures such as not opening every email they receive. 
• Make sure antivirus protection is updated. It has been reported that 90 percent of cyberattacks occur by email.  A comprehensive antivirus/antimalware strategy as provided by Cetrom is vital to protect a CPA firm from the threat of account takeovers. 
• Have a good backup strategy. CPA firms should have multiple backup plans to include real-time backup and full capacity replication in case of an account takeover or malware infection. Cetrom offers replication of data and backups by performing two daily backups using two disconnected methodologies.  

C-suite executives and tech professionals recognize the profound impact an account takeover would have on a CPA firm. It could be devastating financially and legally. It might also tarnish a firm’s long-term reputation and damage relationships with clients. They understand the importance of trusting a professional cloud-based IT firm such as Cetrom.

How Can Cetrom Help CPA Firms Prevent Account Takeovers?

Cetrom is a well-established IT provider that is 100 percent focused on the cybersecurity of CPA firms. The company’s cloud-based services and cybersecurity measures are designed specifically to protect CPA firms from cyber criminal account takeovers. Cetrom’s cloud-based platform works to prevent, detect, and combat destructive viruses as well as malware and ransomware from malicious actors attempting account takeovers. 

Cetrom offers advanced artificial intelligence security technologies to help prevent such cyberattacks. They provide cybersecurity training for employees, ongoing network support, and 24x7x365 cloud accessibility. Cetrom recognizes that the cybersecurity expertise and support provided to their CPA firms is both preventive and predictive, evolving to address the latest schemes and risks presented by cyber criminals. 

Contact Cetrom today to learn more about how we can help answer your cybersecurity questions and help protect your CPA firm from account takeovers and cyber criminals.