Fraud 101: Account Takeovers


The commonplace use of advanced technology has created an opportunity for fraudsters. Fraud takes many forms, but identity theft and account takeovers (ATO) pose the greatest risk to victims. Both attack types provide a means for the fraudsters to gain access to personally identifiable information (PII). Such information includes social security numbers and bank accounts, which can wreak havoc.

Read the Understanding Account Takeover report

ATOs are particularly hard to guard against because many institutions do not have strong security measures in place or account takeover protection. Here’s a high-level view of what you need to know about this attack type.

Account takeovers defined

ATO, as the name suggests, occurs when a hacker gains entry into the victim’s account and uses the victim’s information for opportunistic and malicious purposes, usually proceeding to lock the original user out so they can’t take any measures to salvage the account. The fraudster can make high-cost purchases, scam others, and may even steal the identity (or commit identity fraud) of the original user.

Hacking into an established account provides fraudsters with an automatic level of trust with institutions like banks and credit card companies which may not have proper tools to detect a bad actor at login and may focus security measures on newly opened accounts rather than on existing accounts when searching for fraud. Additionally, the fraudster usually has more time to work (i.e., steal) before they are discovered. This is because the identity they are operating under is an actual, real person.

Preventing fraud attacks

This is the era of security breaches: in 2017, the banking/credit/financial sector suffered 8.5% of all breaches. New CIP and KYC measures must be implemented, beginning with identity validation services and account takeover protection. Banks and credit card companies that can consistently monitor and validate that customers are who they say they are, beyond enrollment, stand a chance against the evolving tactics of fraudsters.

Highly targeted industries — like financial services—benefit from a wealth of cyber security and fraud detection solutions. It may seem impossible to keep up with the impostors. But the advent of AML and fraud detection technology enables banks to succeed; security measures simply need to be implemented before damage can be done.

The Impact of Identity Theft and Scams in 2021_webinar
The Impact of Identity Theft and Scams in 2021

virtually every type of financial product, commercial platform, and government support. Simultaneous
scam activity — via social media, phone, text, and email — targeted one in three U.S. consumers in 2021.
What were the results of these activities? And how will organizations deal with and overcome the fraud

Read More »
Consumer Scams: Rising in Velocity & Sophistication
Consumer Scams: Rising in Velocity & Sophistication

Announced today, GIACT (a Refinitiv company) released its annual report, developed by Aite-Novarica, on identity theft in 2021.  According to the report, 25% of U.S. consumers were impacted by identity theft in 2021. The report’s findings follow record high rates of identity theft in 2020 and explosive growth in scam activity in 2021.

Read More »