MEMBER FEEDBACK
Rio Grande Credit Union
Appointment Contact Locations Why Rio Grande? Make a Payment Español Español
Rio Grande Credit Union
The Update - News You Can Use

The Update

News you can use from RGCU

Home > News > The Update > All You Need to Know About Account Takeover Scams

All You Need to Know About Account Takeover Scams

Imagine waking up, trying to check your email or checking account — only to find you’re locked out of your own accounts. Unfortunately, your account has been taken over and the nightmare is just beginning.

Account takeover (ATO) scams are a fast-growing form of cybercrime. Let’s look at these scams and how to protect yourself from falling victim.

What is an account takeover scam?

An account takeover occurs when a scammer gains unauthorized access to a victim’s online account. The scammer may use the compromised account to:

  • Make unauthorized purchases
  • Access sensitive information
  • Impersonate the victim to scam others
  • Steal rewards points or gift card balances
  • Spread malware to the victims’ contacts

How do these scams play out?

A typical account takeover scam follows four steps:

  • Reconnaissance. The scammer collects the victim’s personal info, such as their name, email address and birthday, through phishing emails, data breaches or malware.
  • Access. Using brute force (guessing passwords), credential stuffing (reusing stolen passwords from other sites), or social engineering (tricking the victim into revealing info), the scammer gains access to their accounts.
  • Takeover. Once in, they quickly change the password, recovery email and security questions so the victim can’t get back in.
  • Monetization. The scammer drains the victims’ accounts, makes purchases or sells the login credentials on the dark web.

All this can happen in minutes — and the longer it takes for the victim to notice, the worse it gets.

Red flags to watch for

Be on the lookout for the following signs of a possible ATO scam:

  • Unexpected password reset emails
  • Login alerts from unknown locations or devices
  • Locked accounts you didn’t change
  • Unfamiliar charges on your credit or debit cards
  • Friends saying they got strange messages from you
  • Missing funds, rewards points or order confirmations for items you didn’t buy

How to protect yourself

Here’s how to stay safe from ATO scams:

  • Use strong, unique passwords for each account.
  • Enable multi-factor authentication (MFA) wherever possible.
  • Beware of phishing emails and texts. Don’t click on suspicious links or attachments.
  • Monitor your accounts regularly for unauthorized logins, purchases or changes.
  • Update the security settings on your software and devices.
  • Avoid logging into sensitive accounts when using unsecured networks.

If you’ve been targeted

If you suspect you’ve fallen victim to an ATO scam, act fast to mitigate the damage.

First, try to regain control of your accounts using password recovery tools. It’s also a good idea to contact the compromised platform’s support team. Next, change your passwords, starting with your email and then moving on to any other accounts that use the same or similar login. Enable MFA whenever possible and notify your credit union and credit card company as you may need to freeze or close accounts. Scan your device for malware, using a trusted antivirus tool to check for keyloggers or other malicious software. Finally, file a report at IdentityTheft.gov or IC3.gov.

Protect your accounts like your future depends on it — because these days, it just might.

RGCU Card Benefit: Personal Identity Theft

If you have had your identity stolen, you could be reimbursed for the cost of recovery up to $5,000. Learn about all your RGCU Debit Card benefits. 

 

Tags: Security


« Return to "The Update"
   MEMBER FEEDBACK