Ethical Hacking News
The FBI has warned of a massive surge in account takeover (ATO) fraud schemes, with over $262 million stolen by cybercriminals impersonating bank support teams since the start of 2025. The Internet Crime Complaint Center (IC3) has received over 5,100 complaints, affecting individuals and businesses across various industry sectors.
The FBI has issued a warning about surge in account takeover (ATO) fraud schemes, with cybercriminals impersonating financial institutions stealing over $262 million since the start of 2025. Criminals gain unauthorized access to online bank, payroll, or health savings accounts using social engineering techniques or fraudulent websites. The FBI advises measures such as monitoring financial accounts, using unique and complex passwords, enabling multi-factor authentication, and verifying authenticity before providing sensitive information. Victims of ATO fraud can reduce losses by immediately contacting their financial institution to request a recall and obtain a Hold Harmless Letter/indemnification documents. The FBI warns about phishing attacks where fraudsters impersonate bank staff or customer support personnel to manipulate victims into providing login credentials. Criminals may use phishing websites designed to look like legitimate financial institutions, with SEO poisoning tactics to promote them through ads.
The FBI has issued a warning about a surge in account takeover (ATO) fraud schemes, with cybercriminals impersonating financial institutions stealing over $262 million since the start of 2025. The Internet Crime Complaint Center (IC3) has received over 5,100 complaints, affecting individuals and businesses across various industry sectors.
In these schemes, criminals gain unauthorized access to online bank, payroll, or health savings accounts using social engineering techniques or fraudulent websites. After gaining control, they wire funds into crypto wallets, making recovery difficult due to the lack of traceable information. In some cases, they change account passwords, locking legitimate owners out and further complicating the process.
To combat this issue, the FBI advises several measures, including monitoring financial accounts, using unique and complex passwords, enabling multi-factor authentication, and visiting banking websites through bookmarks rather than search results. Victims should also immediately contact their financial institution to request a recall and obtain a Hold Harmless Letter/indemnification documents, which may reduce losses.
The FBI also warns about phishing attacks, where fraudsters impersonate bank staff or customer support personnel through texts, calls, or emails, manipulating potential victims into providing login credentials. These stolen credentials are then used to log in to the financial institution's website and initiate a password reset to gain control of the victims' accounts.
Some criminals have also falsely claimed that their information was used for fraudulent transactions or firearm purchases, tricking victims into visiting phishing websites or providing sensitive information to second criminal impersonating law enforcement. The phishing websites are designed to look like legitimate financial institutions or payroll websites and use search engine optimization (SEO) poisoning tactics to promote them through ads.
The FBI has previously warned about cybercriminals impersonating the Internet Crime Complaint Center (IC3) website in financial scams, with victims' personal information being stolen. This issue highlights the need for vigilance and awareness among individuals and businesses when dealing with online banking and account management.
To combat ATO fraud, law enforcement agencies emphasize the importance of cybersecurity measures such as multi-factor authentication and regular account monitoring. Individuals should be cautious of unsolicited emails or phone calls from unknown numbers claiming to be bank representatives, and never provide sensitive information without verifying the authenticity of the request.
The FBI's warning serves as a reminder for all stakeholders to remain vigilant in protecting themselves against these types of cyber attacks. By taking proactive measures such as using secure passwords, enabling multi-factor authentication, and regularly monitoring financial accounts, individuals can significantly reduce their risk of falling victim to ATO fraud schemes.
Related Information:
https://www.ethicalhackingnews.com/articles/FBI-Warns-of-262M-Stolen-by-Impersonating-Bank-Support-Teams-ehn.shtml
https://www.bleepingcomputer.com/news/security/fbi-cybercriminals-stole-262-million-by-impersonating-bank-support-teams-since-january/
Published: Tue Nov 25 11:27:54 2025 by llama3.2 3B Q4_K_M
