From January 2025 to November 2025, the Federal Bureau of Investigation Internet Crime Complaint Center (IC3) received more than 5,100 complaints reporting account takeover fraud, with losses exceeding $262 million. As the prevalence of this type of fraud continues, maintaining account security and using internet best practices is more important than ever.

What is Account Takeover Fraud?

In Account Takeover Fraud (ATO), criminals gain unauthorized access to a victim’s online account with the goal of stealing money or personal information. Corporate account takeover fraud (CATO) focuses on compromising accounts that belong to a business or organization. When businesses are targeted, attackers can disrupt regular operations, initiate fraudulent transactions, and install malware that can have widespread negative effects. Therefore, knowing the methods criminals use to commit ATO can not only help keep your organization protected but potentially save you millions of dollars in losses.

ATO attacks can be initiated in a variety of ways: phishing, business email compromise, credential stuffing from data breaches, and more. Once the criminal gains access to an account, they can wire funds to criminal-controlled accounts and change the login credentials to lock you out.

Reducing Your Risk

Staying up to date on the cyber threat landscape and the fraudulent tactics used across your industry is one of the first steps in mitigating risk. Additionally, you should do the following:

• Enable two-factor authentication or multi-factor authentication on accounts whenever possible.
• Monitor your financial accounts regularly, looking for irregularities, missing deposits, or unauthorized transactions.
• Be wary of unsolicited phone calls or emails. Criminals may impersonate financial institution employees, customer service representatives, or tech support to convince you to provide login credentials.

What to Do If Your Business Experiences Account Takeover Fraud

1. Contact your bank. As soon as you realize account takeover fraud has occurred, contact your financial institution immediately. As a West Bank customer, call our Customer Service at 1-855-464-5407.
2. Secure your connection and device. After an ATO incident, the involved device(s) should be inspected and evaluated, either by your company’s IT Department or a reputable third-party service provider. Confirm that your systems are secure before reconnecting or entering new information.
3. Reset compromised passwords. After the device and connection are secure, reset the credentials on the compromised account as well as any reused passwords associated with other accounts.
4. File a complaint. File a complaint with the FBI’s Internet Crime Complaint Center at www.ic3.gov. Include details such as:
   • Identifying information about the cybercriminal(s) such as individual, business, or financial institution impersonated; name; phone number; email address; and any other information you were given.
   • A detailed account of the websites you were directed to as well as any software you were told to download and install.
   • Financial accounts used by the cybercriminal(s).

   In your report, include the words “Account Takeover” in the description so that it can be categorized correctly.

5. Notify the impersonated company. Notify the company that the cybercriminal(s) impersonated to gain access to your account. Notifying the impersonated company gives it the opportunity to warn others about the scam and take proactive steps.