492/68 Thursday, November 27, 2025
The U.S. Federal Bureau of Investigation (FBI) has issued an urgent public warning following a sharp rise in Account Takeover (ATO) fraud. Since January 2025, cybercriminals have caused more than $262 million in financial losses, with the Internet Crime Complaint Center (IC3) receiving over 5,100 reports. Victims include individuals, businesses, and organizations across all sectors, with attackers targeting financial accounts, payroll accounts, and health savings accounts. Criminals impersonate financial institutions to steal money or sensitive information.
Attackers primarily rely on social engineering through text messages, phone calls, or emails, posing as bank officers, customer service representatives, or fraud investigators. Their goal is to alarm victims with false claims about suspicious activity-such as an alleged firearm purchase-and trick them into revealing passwords, MFA codes, or OTPs. In more elaborate schemes, criminals even involve co-conspirators impersonating police officers to intimidate victims. FBI analysts also report the use of SEO poisoning, where scammers push fake bank websites to the top of search engine results. Once victims enter their details, attackers quickly take over the account, change the password, and transfer funds to cryptocurrency wallets to hinder tracking.
The FBI recommends that anyone who suspects they may be a victim should immediately contact their financial institution to freeze or recall unauthorized transactions and request documentation of the loss for financial protection. Victims should also change passwords for all related accounts and report the incident to relevant authorities and the impersonated company. This helps alert other customers and allows takedown efforts for fraudulent websites.
