Account takeover fraud has remained a persistent threat for financial institutions. Recent trends reveal not only an increase in account takeover fraud losses but also in the frequency and sophistication of account takeover schemes.
The Federal Reserve supports the payments industry in the fight against account takeover fraud. This account takeover fraud mitigation toolkit offers a wide range of informative resources to help the industry.
Why is it Important for Financial Institutions to Mitigate Account Takeover Fraud?
Account takeover fraud occurs when a criminal gains unauthorized access to a legitimate user’s account and exploits that access for fraudulent purposes. Criminals controlling these accounts can cause significant losses for both victims and financial institutions by withdrawing or transferring funds, making unauthorized purchases or selling account details to other criminals. They also may change the user’s account information (e.g., email address, phone number) or credentials, locking the victim out of the account and hindering the financial institution’s ability to contact them about suspicious activity.
Account takeover fraud has increased in recent years. This trend is driven in part by the combination of consumers’ expanded digital footprints, criminals’ wider access to breached user data, and emerging technologies that can make account takeover easier to automate.
Explore the toolkit modules below for resources to help understand account takeover fraud.
The account takeover fraud mitigation toolkit was developed by the Federal Reserve to help educate the industry about account takeover fraud and outline potential ways to help detect and mitigate this fraud type. Insights for this toolkit were provided through interviews with industry experts, publicly available research, and team member expertise. This toolkit is not intended to result in any regulatory or reporting requirements, imply any liabilities for fraud loss, or confer any legal status, legal definitions, or legal rights or responsibilities. While use of this toolkit throughout the industry is encouraged, utilization of the toolkit is voluntary at the discretion of each individual entity. Absent written consent, this toolkit may not be used in a manner that suggests the Federal Reserve endorses a third-party product or service.