Account takeover (ATO) attacks are on the rise and members of financial institutions all over the United States are falling victim. During a Credit Union threat analysis meeting, it was shared that a woman in Westchester County, NY learned that she had fallen victim to an ATO attack and had over $30,000 stolen from her account. Although all types of accounts are vulnerable to ATO’s , the ones that are the hardest to recover from are financial accounts.

What is an ATO and what do they look like?

Simply put, an account takeover occurs when a bad actor gains access to and takes control of an account.  There are countless online resources that provide the bad actors with information that aids them in ATO attacks. PII (personally identifiable information), passwords, and usernames are all available for sale on the dark web.  The previously mentioned account takeover attack that resulted in the $30,000 loss was initiated through a text message.   

While banking online, this person received a message saying her account had been compromised and was provided a phone number to call. The person she spoke with was well-versed in the financial institution’s “lingo” and sent her authentication codes, including by text. Overall, there was no reason for her to question the validity of this event. Or was there?

Ultimately, she was told to change her password, which she did. Shortly after, she learned her accounts were cleaned out. Three savings accounts for her daughters’ college funds were transferred to her checking account. After that, a transfer from her checking to “Hong Kong Toys LTD” sealed the successful ATO.

Over the past couple of months, we have been alerted by members, that friends of theirs, who luckily were not members of FHFCU, had received text messages that are pretending to be from First Heritage Federal Credit Union. Instead of providing you with a phone number to call, there is a link to a phishing site, that has been designed to look like it belongs to FHFCU.  Once you enter your credentials into the phishing site, the bad actors would immediately attempt to log into and take over your account.

If there’s one thing to remember for preventing a successful ATO, it’s to verify with the financial institution, retail company, airline, or other ploy by calling them first before providing any information, period. Never use contact information given for the alleged incident or follow any links in emails or texts as they are all under hacker control. Instead, look up the real phone number yourself and call to verify if your account is truly compromised, or log in directly to your account using trusted links or apps. If there is a problem, it will be shown in there.

The views, opinions, and ideas expressed in this blog  do not constitute legal or financial advice. The writers of these blogs are educated on the topics they are writing about, but they are not attorneys, licensed financial advisors, or registered investment advisors. The information presented in this blog post was deemed to be accurate at the time of publication. First Heritage Federal Credit Union is not responsible for any actions a person may take as a result of the information they read in this blog.