Cyber-criminals employ various technological and non-technological methods to manipulate you or other victims into divulging your personal or business information. Such techniques may include performing an action, such as persuading you to open an email attachment with a virus, accept a fake friend request on a social networking site, or visit a legitimate, yet compromised, website that installs malware on your computer(s).

Modern cybercrime is about money. Cyber criminals are targeting the financial accounts of owners and employees of small and medium sized businesses who are not cyber savvy, resulting in significant business disruption and potential monetary losses.

Having protection software is only half of the equation. No single layer of protection is enough; you need a layered security approach, especially when employees are engaging in risky or potentially unsafe behavior online.

The best practices developed in this handout are intended to raise your awareness of ways to help your business employees better manage today’s online risks:

  • Protect
  • Detect
  • Educate


Secure your Business’s Network of Computers

Dedicate a Computer – Minimize the number of, and restrict the function for, computer workstations and laptops that are used for online banking and payments. Better yet, consider using a stand-alone computer that isn’t connected to your network to perform your online banking transactions.

If a stand-alone is not possible, then ensure that each user of online services uses his/her own device (desktop computer, laptop or mobile) and their own password. Do not share computers for accessing financial services. Sharing a computer that has become infected places the login and transaction credentials of all users of that computer at risk of theft and unauthorized use. A workstation used for online banking should not be used for general web browsing, e-mailing, and social networking.

Protection Software – Install and maintain real-time antivirus, anti-spyware, firewall, and malware detection and removal software. Use these tools regularly to scan your business network and allow automatic updates for your operating and software systems. Be sure your virus detection software, personal firewalls, adware and spyware-blocking software are up-to-date, and all updates and security patches have been installed.

Also, be sure that every computer that accesses the Comerica Business Connect (CBC) portal, or any other Comerica online business services, has the Trusteer Rapport Security Software downloaded and the maximum protection settings are selected. Rapport is a free download that provides a wall of protection for the user’s computer to help block outside access and tampering. Do not ignore warning messages from security software that a potential virus has been detected. Take immediate action.

The Comerica Business Connect portal is only compatible with browsers that are configured to use the industry standard TLS1.2 encryption protocol. This security protocol provides privacy and data integrity through the browser while the user is on the internet. Note: Please be mindful that not all applications have yet migrated to this new industry standard. Check with your IT team to ensure your security settings are set to match the requirements of the applications in use.

Secure Business Devices – Never leave your devices unattended. If you need to leave your computer, phone, or tablet for any length of time—no matter how short—lock it up so no one can use it while you’re gone. If you keep sensitive information on a flash drive or external hard drive, make sure to lock it up as well.

Physical Cyber Safety – Be conscientious of what you plug in to your computer. Malware can be spread through infected flash drives, external hard drives, and even smartphones.

Firewalls – Install this hardware to prevent unauthorized access to your network and create a strong password.

Back-up – Have a contingency plan to recover files on your business computers that were lost due to a catastrophic system/hardware failure. What if there is no preservation of data and everything was erased? Develop a scheduled weekly or daily plan to back-up important business files and secure the back-up disks or external hard drives. Don’t forget to test your plan and verify your data will be restored.

Wireless – Do not use public internet access points (e.g. public Wi-Fi hotspots found in airports, government buildings and restaurants) to access accounts or sensitive business information. If this type of access is needed, employ a Virtual Private Network (VPN) and make sure your transmissions are encrypted.

Mobile – Be careful using mobile devices and tablets. While convenient, information technology experts say that in many ways, mobile devices are more vulnerable to unwanted access and data loss that can result in identity theft, as well as access to confidential information and banking accounts.

User IDs, Tokens and Passwords – Do not share your secure User ID and password with anyone, even with a co-worker. Comerica will ask for your User ID when you initiate a call, but Comerica will never ask for your password.

  • In the event of an absence, make sure key employees have a trained backup who has their own ID and password available to continue banking business as usual.
  • Don’t forget to delete employee IDs and passwords when they leave the business or change responsibilities. Regularly review an active access list and determine any changes to privileges that may be needed.
  • Create strong passwords, not something that is easily guessed. Try using a sentence with punctuation, special characters or a mix of letters and numbers.
  • Change your passwords often and ensure that they are not written down.
  • When you sign into a webpage and are given the option to save your password, select “No”.

Dual Control creates safety checks – Initiate ACH and wire transfer payments under dual control using two separate computers. For example: one person authorizes the creation of the payment file and a second person authorizes the release of the file from a different computer system.

Note: This helps ensure that one person does not have the access authority to perform both payment functions. Additionally, dual control will ensure that one person cannot give themselves additional authority or create new user IDs.

Comerica requires dual approval for any type of system-initiated payment. With dual approval, an administrator or user cannot act alone to both initiate and approve/release payments. It is important that you identify who in your company will have the ability to initiate payments and who will have the ability to approve/release payments.

Depending if your company uses single or dual user authorization determines the authority that the primary administrator has for entitling additional users and/or administrators at your company.

Block Sites – Consider enlisting the help of an internet service to automatically block sites that employees do not need to access for business purposes (e.g. social networking sites, blogs and free software sites) to reduce the risk of downloading malware or spyware.


Monitor and reconcile your accounts regularly – Reviewing accounts regularly enhances the ability to quickly detect unauthorized activity. The quicker this activity is detected, the sooner you can take action to prevent or minimize losses.

Note: If you detect suspicious activity, immediately cease all online activity and disconnect the Ethernet cable and/or any other network connections (including wireless connections) to isolate the system from the network. Immediately call your financial institution to report the suspicious activity.

Note any changes in the performance of your computer(s)

  • Significant loss of speed.
  • Computer “locks up” so the user is unable to perform any functions.
  • Unexpected rebooting, restarting or the inability to shut down.
  • Unexpected request for a one-time password, token, or other information in the middle of an online session.


Ask questions – Treasury Management is here to help. Please use the Treasury Management Relationship Services phone number at 800.852.3649 to speak with a trained product specialist from 9:00 a.m. to 7:00 p.m. ET.

Continuously educate employees – Cybercrimes are constantly changing, so software and fraud prevention solutions have to change as well to stay ahead of the game. Determine if you are taking advantage of all the fraud solution options that Comerica offers its business customers.

  • Watch our Fraud Awareness videos, Cyber Security 101 at
  • Read Comerica’s summary regarding Business Email Compromise (BEC) fraud – a scam that is carried out when someone compromises, or spoofs, legitimate business email accounts through social engineering or computer intrusion techniques:
  • Stay abreast of current fraud risks publicized on our fraud partners’ websites. See the Cyber Resource Links section below for additional information. The online fraud environment changes rapidly so refer to these sites regularly.

Be Cyber-street savvy – Don’t view or open attachments or click on links in unsolicited e-mails. Financial institutions and government agencies do not contact customers by e-mail or phone asking for passwords, credit card numbers, or other sensitive information. This is also true if you are contacted from an apparent legitimate organization (e.g. IRS, Better Business Bureau, Federal courts, UPS).

Be wary of pop-up messages claiming your machine is infected and offering software to scan and fix the problem, as it could actually be malicious software that allows the fraudster to remotely access and control your computer.

Report suspicious activity – Make sure your employees know how and to whom to report suspicious activity within your company and with accounts at your financial institution.

Immediately contact your financial institution if you notice unauthorized activity so that the following steps may be taken to:

  • Disable online access to accounts.
  • Change online banking passwords.
  • Request that the financial institution’s agent review all recent transactions and electronic authorizations on the account. If suspicious active transactions are identified, cancel them immediately.
  • Ensure no new changes have occurred on the accounts such as; address changes, added users, or changed PINs.

It is important to note...
The above best practices will help you protect yourself, your computer, and your organization – but only if all precautions are followed to prevent unauthorized access to your computer and/or login credentials. Once an unauthorized person has gained access, it may be too late to stop their actions.

Notify us immediately if you discover any unauthorized or unusual activity involving your Comerica accounts. Contact Treasury Management Relationship Services at 800.852.3649.

Cyber Resource Links

You should stay informed about current threats by having these resource links saved in your browsers favorites.