3 Unsuspecting Targets for Account Takeover Scams

10th January 2017

All too often web users lull themselves into a false sense of security. They mistakenly believe that they won’t be targeted by hackers, carelessly click on spam emails, and casually eschew advice about improving their password protocol.

But the truth of the matter is that every web user is at risk, and if you don’t follow security recommendations, you could open yourself up to data breaches, cyber theft and hacker infiltration. Today we will primarily focus on account takeover fraud, sometimes abbreviated as ATO.

ATO scams are very lucrative for cyber crooks. Unlike bogus accounts which are mass-registered and can easily be detected by security solutions, ATO attacks use real information from real users, making them harder to catch.

Compromised accounts can be used in a number of ways. A hacker could sell your business or personal information on the dark net, they could send spam or phishing emails from your or, worst of all, they could pilfer your finances or buy thousands of dollars’ worth of goods online. Scary stuff!

Below are just a few of the victim industries most targeted by account takeover fraud:


The reasons to attack an ecommerce site should be obvious, since the hacker can victimize both the customers and the business itself. Login forms are hit by bots using stolen credentials (often pilfered through phishing emails), which then use stored credit card information to make big-time purchases with the victim’s money.

Small Businesses

While banks and enterprise companies have found ways to insulate themselves against ATO attacks, small businesses rarely have the same resources and hackers know it. Cybercriminals will often use spear phishing emails to gain access to senior leadership accounts. They may choose to leak your data online or lock your accounts until a ransom is paid.  

Churches & Charities

Cyber crooks hold nothing sacred, including churches and charities. Take for instance the St. Ambrose Cathedral in Des Moines, Iowa which had more than $680,000 stolen from their bank account following an ATO attack in 2011. Again the heist likely began with a phishing email and ended with an empty bank account. The money, raised to help abused women and the homeless, was eventually reimbursed by insurance.

Protecting Yourself Against ATO

While the costs are high, all hope is not lost. Here are a few ways to mitigate the threat of account takeover fraud.

Practice Safe Clicking: The majority of ATO attacks are achieved through phishing emails, so avoid opening spam messages and links for people you do not know well. Spear phishing emails take things a step further by spoofing messages to make them look like they were sent by friends or coworkers. Just another reason to be extra suspicious.

Use Stronger Passwords: Another way hackers can crack your account is through automated brute force attacks, which tries to guess your password hundreds upon thousands of times until something works; and it’s more successful than you might think. Eschew weak passwords for more robust passphrases which can thwart these kinds of automated attacks.

Monitor Single-Session Activity: Some cybersecurity providers are taking advantage of behavior analytics to better understand legitimate user behavior and differentiate it from bot or hacker activity. If your typical user logs-in just once a month to make a small purchase, it might raise flags to know that are making multiple big-ticket transactions in the middle of the night.

Monitor Cross-Section Activity: Hackers typically cast a wide net to catch as many victims as possible. Track your site for suspicious activity. If dozens of orders across the country are processing at the same time, but all being sent to the same address, it might be the work of an ATO scammer.

Hopefully this guide has woken you up to one of the most damaging online attacks out there. However, many more exist. Stay aware. Stay safe.

Corey is an all round tech guru who has worked at some major blue chip companies. He started Poweronemedia to share his views and knowledge with the rest of the blogging world.