Account takeover (ATO) fraud is a growing concern for consumers, financial institutions, and businesses. ATO is a type of cybercrime in which a crook gains access to an individual’s online account in an effort to commit fraud. The attacker will often change the login credentials to lock the original owner out of their own account. The outcomes of ATO can be extremely damaging, with potential results including identity theft and extensive financial losses for the victim. A better understanding this form of cybercrime can help you in preventing account takeover fraud.
How does account takeover fraud occur?
ATO typically involves a fraudster taking control of an individual’s online account. It often involves the cybercriminal stealing personal login information, including account usernames and passwords. Compromised credentials are often sold on the dark web as well. In fact, they are widely available.
1 Phishing
Cybercriminals often use phishing techniques to lure victims into revealing login and other private information. Phishing is accomplished through the use of emails, text messages, or malicious websites,
2 Smishing
This is a form of phishing that uses text messages to trick victims into sharing private information.
3 Malware & Viruses
Another growing form of cybercrime is malicious software that is installed into a computer or another device in an effort to steal confidential information. The malware then tracks keystrokes to capture login credentials. Victims rarely suspect that a criminal has infiltrated their devices and is stealing all of their personal information.
4 Social Engineering
With social engineering, a fraudster will impersonate a well-known and trusted organization, creating a sense of urgency or providing some type of incentive in an effort to trick the victim into providing information.
5 Brute Force Attacks
Also known as exhaustive key search, this hacking technique involves the use of automated software to guess login information. It may also involve password spraying, which means trying one password over multiple accounts.
The dangers of ATO
Once a criminal gains access to your account, they can do many things. They might change passwords and lock you out of your account or order a new credit card and make purchases. They may even redirect unemployment, pension, or social security benefits, duping you out of much-needed funds. In addition to financial losses, ATO fraud can lead to stolen identities and damaged credit. The opportunities for ATO criminals are endless. They may even sell your information on the dark web, leading to far-reaching consequences for years to come.
Red flags of an ATO
- Fraud alerts from your credit card, credit union, or credit monitoring companies.
- Unfamiliar charges on our credit cards.
- Unfamiliar withdrawals from a financial account.
- Changed account, profile, or contact information.
- Password reset emails for passwords you did not attempt to reset.
Protecting yourself from account takeover fraud
- Create complex and unique passwords and do not share them with anyone.
- Do not use the same password for multiple accounts.
- Be careful where you save your passwords. We suggest using a reputable password manager for storage.
- Be vigilant when clicking on links in emails or text messages. Be sure you are confident about who they are from.
- Never click on links from unknown senders.
- Enable multi-factor authentication on your accounts.
- Avoid using public Wi-Fi.
- Install antivirus software.
- Keep all of your device software up to date. It helps keep you protected against new threats.
- Monitor your financial accounts & credit reports.
- Report fraud to the appropriate company or agency.
Beware of phishing attempts
Remember, Choice One will never call, email, or text you and ask you for confidential information, such as your full social security numbers or PINs. Fraudsters often use these methods to trick you into revealing personal or confidential information. Finally, we strongly encourage you to use unique passwords with every account, rather than sharing one password across multiple accounts.
Education is key to protecting yourself from account takeover fraud.
Learn more in the Choice One blog “Warning Signs of a Wi-Fi Hack.”