Account takeover fraud (ATO) has been on the rise.
Simply put, it refers to fraudsters stealing a victim’s account credentials, then changing the password or other personal data so the victim can’t easily regain control.
Most frequently, fraudsters gain your account information through phishing. These scams could come in the form of emails, phone calls, Facebook messages, text messages or any other form of digital communication.
These messages can sound very convincing or may even appear to come from someone you trust, such as a bank or a friend. However, they will all have two things in common: They’ll sound very urgent, and they’ll prompt you to sign in or reset your password.
Watch out for these phrases that help identify phishing attempts:
- “Verify your account.” Any legitimate business will not ask you to send passwords, login names, Social Security numbers or any other personal information via email or text.
- “If you don’t respond within 24 hours, your account will be closed.” This is attempting to create a sense of urgency so you feel like you don’t have time to verify information through the proper channels.
- “We’ve noticed an issue with your account.” While legitimate businesses may call you unprompted, scammers will frequently make up bogus credit card charges or other issues. When in doubt, no legitimate business will get angry if you hang up and call them at their publicly listed number.
- “Click the link to sign in.” The prompt and link may seem legitimate, but you could be giving fraudsters your login info. Plus, clicking unsolicited links could install keystroke trackers or other malware on your device.
Remember: We will never ask for your personal banking information. If you receive a message that feels suspicious or creates a sense of urgency, it’s always best to pause and verify through official channels.
Stay vigilant, stay secure.
