The FBI today issued a warning regarding a massive surge in Account Takeover (ATO) fraud schemes, revealing that cybercriminals impersonating financial institutions have stolen over $262 million in ATO attacks since January 2025.
Surge in ATO Fraud
Since the beginning of the year, the FBI's Internet Crime Complaint Center (IC3) has received over 5,100 complaints. These attacks impact individuals, businesses, and organizations across all industry sectors.
In these schemes, criminals gain unauthorized access to online bank, payroll, or health savings accounts using various social engineering techniques or fraudulent websites. Once control is gained, criminals swiftly wire funds into crypto wallets, making recovery very difficult. In many cases, they also change account passwords, locking legitimate owners out.
The law enforcement agency warned that funds are disbursed quickly and are difficult to trace and recover, especially since many criminal controlled accounts are linked to cryptocurrency wallets.
Fraudster Tactics
Fraudsters typically impersonate bank staff or customer support personnel through texts, calls, or emails to manipulate potential victims into providing login credentials, including multi factor authentication (MFA) or One Time Passcode (OTP) codes. The stolen credentials are then used to log in and initiate a password reset to gain complete control of the accounts.
According to victim reports, some criminals have falsely claimed that victims' information was used for fraudulent transactions or even firearm purchases. This is a scare tactic designed to trick the victim into visiting a phishing website or providing sensitive information to a second criminal impersonating law enforcement.
The phishing websites used in these attacks are designed to look exactly like legitimate financial institutions or payroll websites. Attackers often use Search Engine Optimization (SEO) poisoning tactics, promoting their fraudulent sites through ads to push them to the top of search results.
FBI Recommendations
The FBI advises immediate action for potential victims:
- Contact your financial institution immediately to request a recall and obtain a Hold Harmless Letter/indemnification documents, which may help reduce losses.
- Monitor financial accounts closely.
- Use unique, complex passwords and enable multi factor authentication (MFA) on all accounts.
- Use bookmarks rather than search results to visit banking websites.
- File a complaint at ic3.gov with detailed information, including criminal financial accounts and the companies impersonated.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
