FBI warns of account takeover fraud with over 262 million US dollars in damages

The US security agency FBI is currently warning that cybercriminals are posing as employees of financial institutions to steal money or data. In this scam, they aim to take over accounts (Account Takeover, ATO). The perpetrators are targeting individuals, companies, and organizations of various sizes and across multiple industries.

In a public announcement on the website of the Internet Crime Complaint Center (IC3), the FBI provides further details. In the "ATO" scam, the criminal perpetrators gain unauthorized access to victims' accounts at online financial institutions, for payroll or – rather less known on this side of the Atlantic – health savings accounts. According to the FBI, the goal is simple robbery, the theft of money held there or data for personal enrichment.

Three-digit million-dollar damage

Since January of this year, the FBI has already received more than 5100 complaints about the ATO scam via the IC3 website. The total damage amounts to more than 262 million US dollars.

In particular, through social engineering attacks, fraudsters trick their victims into revealing login data, including multi-factor authentication codes or one-time passwords (OTP). The perpetrators pretend to be employees of financial institutions, from customer service, or belonging to technical support. With the credentials, they then log into the real financial institution, initiate a password reset, and finally gain full access to the accounts. This also allows them to immediately lock out their victims from their accounts. The criminals make contact via fraudulent text messages, phone calls, or emails.

In addition, fraudsters use phishing websites that are deceptively similar to the real websites. Such things can also be observed in German-speaking countries. For example, phishers here with DHL back payments for the online retail year-end business lure their victims. However, the FBI also warns of fraudulent phishing pages that rank high in search engine results due to search engine optimization (SEO) and thus find potential victims.

Once the criminals have gained access, they quickly transfer funds to accounts they control. Many of these are linked to crypto wallets. This allows the funds to be transferred quickly and makes them difficult to trace and recover.

The FBI provides the generally well-known tips to protect oneself from such scams. One should be careful about what information is shared online or on social networks. Financial accounts should be checked regularly. Furthermore, the FBI recommends using unique, complex passwords. When accessing website logins, interested parties should use bookmarks and not click on search results or advertising links. In addition, internet users should remain vigilant and watch out for phishing attempts.

Shortly before, the US cybersecurity agency CISA issued a warning for Messenger users. Several cyber gangs (or criminals) want to palm off commercial spyware on them,

(dmk)