The FBI’s Internet Crime Complaint Center (IC3) has issued a warning about a surge in Account Takeover (ATO) fraud schemes, where cybercriminals impersonate financial institutions to steal money or sensitive information. Since January 2025, IC3 has received over 5,100 complaints, with reported losses exceeding $262 million.
How the Scam Works
Cybercriminals gain unauthorized access to online financial, payroll, or health savings accounts by:
- Impersonating financial institution staff or websites through calls, texts, and emails.
- Using phishing websites that mimic legitimate sites.
- Employing social engineering tactics to trick victims into revealing login credentials, MFA codes, or OTPs.
- Leveraging SEO poisoning, where fraudulent ads appear in search results, leading users to fake sites.
Once access is obtained, criminals often:
- Reset passwords to lock out the account owner.
- Transfer funds rapidly to accounts linked to cryptocurrency wallets, making recovery difficult.
Signs and Risks
Victims may be told their accounts have fraudulent transactions or purchases (sometimes involving firearms) and are directed to phishing sites. In some cases, criminals impersonate law enforcement to gain further information.
How to Stay Protected
- Use unique, complex passwords and enable multi-factor authentication (MFA).
- Avoid clicking on search ads—use bookmarks for login pages.
- Regularly monitor accounts for suspicious activity.
- Be cautious with personal information shared online.
- Verify unsolicited calls or emails by contacting your institution directly.
If You’re a Victim
Contact your financial institution immediately.
Report the incident to IC3 at www.ic3.gov.
- Reset all compromised credentials and notify the impersonated company.