How to Stay Safe from Account Takeover Scams
September 30, 2024
Everything requires an account today, from handling your finances to watching your favorite shows. Between managing all these different accounts and logins, there is no worse feeling than realizing you’ve been locked out of your own account. Or worse yet, that money is missing, or purchases were made without your authority. Unfortunately, instances like these are becoming more common than ever due to an uptick in schemes known as Account Takeover Scams. Fraudsters obtain your login information and initiate transactions on your behalf – often without you even realizing it until days or weeks later.
What is an Account Takeover?
An account takeover is when a cybercriminal gains access to one of your online accounts and then uses it in your name, steals your money or data, or sells your personal information for a profit.
Account takeover scams are a form of identity theft. They can compromise sensitive personal information, including email addresses, passwords, billing and mailing addresses, credit card numbers, and social security numbers.
Beyond accessing your data, these scams can also leave your finances vulnerable. A successful account takeover can result in fraudulent transactions, credit card fraud, or unauthorized purchases from your customer accounts.
These scams don’t just target your financial institution accounts. They can also affect other types of accounts, including your online store accounts, utility accounts, e-commerce websites, peer-to-peer payment apps, and more.
How Does It Happen?
Most account takeover scams involve a series of small tasks designed to gain access to users’ information and, ultimately, their accounts. Fraudsters have a string of tools at their disposal to achieve their objectives, with phishing being a top choice for many.
Phishing scams impersonate the brands and companies you already do business with and prey on your trust. Fraudsters create and send fake emails or text messages that may appear legitimate at first glance. These messages often persuade you to verify your login credentials, update your payment information, track a package, or confirm your delivery address.
The text or email includes a link that redirects to a fake login portal designed to steal your credentials and any information you enter on the site. These messages may also include an attachment that, if opened, installs malware on your device. Malware can even be embedded on fraudulent sites and automatically download onto your device when you follow the link to the website.
How Can I Prevent It?
Here are some actions you can take to shield yourself from cybercriminals:
- Do NOT Share Personal Information: NEVER share personal or account information with anyone for any reason, especially not through email, text, or on social media platforms.
- Set Strong Passwords: As easy and tempting as it may be, avoid using the same or similar variations of passwords across multiple accounts. Instead, set strong passwords that use a combination of upper- and lower-case letters, numbers, and symbols and avoid dictionary words. Consider setting up a password manager that functions across all your devices to help you keep track and simplify your sign-in processes.
- Enable Multi-Factor Authentication: Ensure you have multi-factor authentication enabled on every account for which it is available. Multi-factor authentication (MFA) uses an additional form of verification, such as a time-sensitive code or biometric data like a fingerprint or facial recognition, before providing access to your account.
- Contact Directly: If you’re ever in doubt that any communication you receive from a brand or company is legitimate, contact them directly. Don’t use the contact information listed in the questionable email or text you receive. Instead, search the company online, go to their official website, and use the contact information listed.
We’re Here to Help!
While Patriot maintains top-level security for all member accounts, cybercriminals are always looking for new victims to prey upon. Most scams begin with people unknowingly clicking a fraudulent link in an email or text. Understanding how these scams work and being proactive with your devices’ security and passwords are some of the best ways to protect yourself.
If you suspect you were targeted by a scam or have been a victim of fraud, contact us immediately. Our team is here to support you and guide you through any issues or concerns. Please stop by any of our branch locations or call 888-777-9982 to speak with a team member today.
Disclosures
-
This credit union is federally insured by the National Credit Union Administration.
-
Equal Housing Lender