Important Notice: Beware of fraudulent calls claiming to be from Nacha. Scammers are targeting organizations that originate ACH payments, stating they need to review your current ACH files. Nacha will never contact you directly to ask to review ACH files in this manner. If you receive a call matching this description, or alerts of suspicious activity on your account, please contact us immediately at 1-800-273-6908 Option "0".

In honor of Presidents Day, Northern Bank branches and the Contact Center will be closed on Monday, February 16. As always, mobile banking, online banking and our ATM network are available to you 24/7.

FDIC-Insured - Backed by the full faith and credit of the U.S. Government

Partner Site Disclaimer

By accessing the noted link you will be leaving our website and entering a partner site which is hosted by another party. Please be advised that you will no longer be subject to, or under the protection of, the privacy and security policies of our website. We encourage you to read and evaluate the privacy and security policies of the site which you are entering, which may be different than those of ours. 

Continue to External Website external-link icon
February 12, 2026

Protecting Your Business from Spoofed Caller ID and Account Takeover Scams

In today’s business environment, trust is essential. Unfortunately, it’s also what fraudsters target first. One of the fastest-growing threats facing businesses involves spoofed communications and online account takeover scams. These attacks don’t rely on hacking systems; they rely on convincing people. And they’re working.

Why This Threat Is Growing

Spoofing and account takeover scams have become more sophisticated and increasingly common:

  • 79% of organizations were victims of payment fraud attacks or attempts in 2024
  • 83% experienced email spoofing attempts in 2023
  • 67% of small businesses report at least one spoofing attempt each quarter
  • The average financial loss from a successful incident ranges from $125,000 to $175,000
  • Recovery can take three to six months for significantly impacted businesses

These aren’t just technology issues; they’re operational risks that can disrupt cash flow, damage reputations, and stall growth.

How Spoofing and Account Takeover Attacks Work

Spoofing and account takeover often happen together.

Spoofing occurs when a fraudster disguises a call, email, or message to appear as though it’s coming from a trusted source — a bank, vendor, colleague, or service provider. Caller ID spoofing can make a phone call appear to come from a legitimate business number. Email spoofing can mimic trusted domains with subtle variations that are easy to miss.

Once trust is established, the attack escalates.

A Common Attack Pattern — and Where Even the Savviest Businesses Get Tricked

In just a few steps, fraudsters can gain control of a business account:

1. Initial contact
A fraudster calls or emails pretending to represent a trusted organization, often using real employee names or publicly available information.

2. Creating urgency
They claim there’s suspicious activity, a system issue, or an urgent update required to prevent disruption.

3. The moment that feels routine — but isn’t
This is where many businesses are caught off guard.

The caller explains that they need to “verify your identity” and says a code will be sent to your mobile phone. They may pause the conversation to “follow procedure,” lending credibility to the request.

At the same time, the fraudster is attempting to log in to your online banking or financial system. That action triggers a legitimate multi-factor authentication (MFA) or secure access code to be sent to your phone.

Because the timing aligns perfectly with what the caller described, the message appears to confirm their story. Believing the bank initiated the verification, the victim shares the code.

In reality, that code was never meant to be shared — and doing so gives the fraudster access.

Legitimate financial institutions will never ask for MFA or one-time security codes over the phone, text, or email.

4. Account takeover
Once inside the account, fraudsters may change passwords, recovery details, phone numbers, or user permissions.

5. Financial manipulation
They can initiate wire transfers, ACH payments, or alter payment instructions — often before the activity is noticed.

Red Flags Every Business Should Know

Awareness is your first and most effective line of defense.

Communication Red Flags

  • Caller ID or email addresses that appear legitimate but contain small inconsistencies
  • Slight domain changes (extra characters or swapped letters)
  • Urgent or threatening language demanding immediate action
  • Requests for sensitive information via phone, text, or email

Account Activity Red Flags

  • Unexpected password reset notifications
  • Login attempts from unfamiliar locations or devices
  • Activity outside normal business hours
  • Sudden changes to user roles, permissions, or contact information

If something feels off, pause. Fraudsters rely on urgency to override caution.

Practical Steps to Protect Your Business

Strong protection doesn’t mean complicated protection — it means layered safeguards.

Strengthen Your Technology

  • Enable MFA on all critical systems
  • Implement SPF, DKIM, and DMARC email authentication
  • Use real-time account activity alerts

Limit Access

  • Assign role-based permissions
  • Require multi-step verification for payment changes
  • Review user access regularly

Train Your Team

  • Verify unexpected requests through trusted channels
  • Establish a formal verification process
  • Reinforce one critical rule: never share MFA codes


Vigilance Is a Business Advantage

Spoofing and account takeover scams aren’t just cybersecurity issues — they’re business continuity risks. The most resilient organizations aren’t those that assume they won’t be targeted; they’re the ones that prepare as if they will be.

At Northern Bank, protecting your business means more than providing financial services. It means helping you recognize threats early, strengthen defenses, and respond with confidence.

You can always send questions and concerns to SecurityMatters@NBTC.com for any information security-related questions.

Latest Posts

About Northern Bank

Northern Bank is a full-service bank dedicated to providing practical, common sense financial solutions to help our customers live their lives and grow their businesses. From deposit products to loans to payment and collections services, we work hands-on with our entrepreneurial customers, both locally and across the country, to provide the financial support they need to realize their personal and business goals. Founded in 1960, Northern Bank has assets of $3.22 billion with 12 locations serving communities throughout Middlesex County. Northern Bank is a Member of the FDIC, and an Equal Housing Lender.

 

Ready to take the next step?
We're here to help!

Contact us now to learn more about how Northern Bank can help you realize your goals and dreams. 

Contact Us