Combatting account takeover fraud calls for layered approach

According to Javelin Research, more than 1 in 5 adult Americans have been a victim of account takeover (ATO) fraud.

ATO fraud—defined as unauthorized parties gaining access to an individual’s account or profile to commit financial theft—is growing, and it’s manifesting in new and concerning ways. The latest trends range from scam contact centers and criminals mimicking legitimate financial institutions, to deepfakes of members’ voices and facial images using AI.

For example, a call center based in India was recently busted for using leaked American Social Security numbers to target U.S. citizens. The scammers would call their targeted victims and pretend to be from the Social Security Administration. Then a second scammer would get on the phone posing as a U.S. Marshal, and request a transfer of cryptocurrency or gift cards in exchange for suspension of the Social Security number. As improbable as the scenario sounds, many innocent people were victimized, and the criminal enterprise collected an average of $48,000 per day for four months before being shut down.

In another common scheme, criminals impersonate bank or credit union employees and use spoofing technology to make it appear as if they are calling from the financial institution. The scammers coerce victims into providing their online banking credentials, debit card numbers and other confidential info before locking them out of their own account. One such scam succeeding in stealing $2 million from customers of a Pennsylvania financial institution before getting caught.


continue reading »