Bank Mutual is coming together with Associated Bank. Learn more


Fraud Case Study: Account Takeover

Posted by Mel Toy on Sep 19, 2017 22:00:00 PM

Topic: ALL



At Bank Mutual, we understand how important it is for our customers to protect their businesses. With the average fraud loss totaling $150,0001, without respect of size of business, and with fraud attempts at a record high2, we are committed to providing our customers with the resources, tools and information so that they are well-educated on fraud protection strategies. Working alongside our customers who are headquartered in the state of Wisconsin and Minnesota gives us an advantage to mitigate their risk of fraud. In the event of a fraud, our security and treasury management teams are able to act quickly on behalf of our customers to lessen fraud loss.


Recently, we received an email requesting a wire transfer from a large deposit customer. There were several red flags with this request that immediately put us on alert. First, Bank Mutual has wire procedures in place to help protect customers. As part of these procedures, we require a call-back confirmation to an authorized approver and only authorized persons can initiate a wire transaction. These action items are typically completed in our secure business online banking platform. In order to initiate a wire, one must be logged into this secure platform, which is only accessible after confirming the authorized user’s identity using security checkpoints only that user would know.

The second red flag was the content of the email. The bank office manager that serves this customer noticed that the phrasing of the request in the email did not fit the normal tone and style of the customer. Though the email address, contact information and other company identifying details were correct, the bank office manager sensed that something was off and contacted the customer who confirmed that she had not sent the emails. After speaking with our customer and reviewing the situation, we concluded that this was an account takeover by a fraudster.


After we identified the fraud, we immediately put a protective lockdown on the customer’s accounts while we assessed the extent of the compromise. We then met with the customer to discuss our findings. We were transparent throughout the process, helping our customer understand and feel comfortable about next steps. Major steps included: transferring all present accounts to new account numbers; implementing fraud protection on all old and new accounts; and changing all banking passwords. Throughout the lockdown, we went the extra mile of manually reviewing checks and verifying them with the customer to make sure they were legitimate. We continued this through the entire transition of old to new accounts.

In addition to potential payments fraud vulnerabilities, we recommended that the customer contact their email provider, as they may have been hacked. We went over our fraud checklist with them to make sure all steps within and outside of our control as a financial institution were considered by our customer. The customer agreed how important all these steps were, cooperated with us and took our advice to contact other partners that may have been compromised – company software, email provider, etc.

Finally, our Treasury Team provided resources for cybersecurity outside of the normal banking function. We recommended talking with an insurance expert who would provide resources, such as cyber-insurance for their particular industry and were able to put them in contact with trusted partners.


Fraud does not always occur through payment-methods directly. It can come through a bad link on the web, a virus on infected social sites, or a variety of means through which hackers enter company systems and perform an account takeover.

At Bank Mutual we get to know our customers and their business. Through our dedicated relationship, we have the ability to help deter fraud attempts. We also pride ourselves on educating and being proactive in preparing our customers to deal with the changing business environment and stay vigilant against fraudsters who are aggressively trying to steal from their businesses.

For more information or to get a fraud analysis for your company, please feel free to contact me directly at (414) 257-8216 or


1ACFE 2017
22017 AFP Payments & Control Study