FBI Warns of $262M Losses from Account Takeover Fraud in 2025

The FBI has warned that since January 2025 account takeover (ATO) fraud schemes have resulted in losses exceeding $262m.

In a public service announcement on November 25, the Bureau warned that cybercriminals are impersonating financial institutions to steal money or information in ATO schemes.

ATO sees cybercriminals gain unauthorized access to the targeted online financial institution, payroll or health savings account, with the goal of stealing money or information for personal gain.

Scammers typically use a combination of social engineering techniques and phishing domains or websites to commit fraudulent activity.

Cybercriminals impersonate financial institution employees, customer support or technical support personnel to manipulate account owners into disclosing login credentials, multi-factor authentication (MFA) codes or one-time passcodes (OTPs).

Social Engineering Scams Lead to Account Takeover

Account owners can be contacted via fraudulent text messages, calls or emails designed to trick the recipient into providing their login credentials. Some of these messages state that there is unusual activity on the account and include a link to a phishing website designed to make users believe they are reporting the fraud.

According to the FBI, scammers have also been found to alert the account holder to alleged fraudulent purchases of high-risk items such as firearms.

The cybercriminal convinces the account owner to provide information to a second cybercriminal impersonating law enforcement, who then convinces the account owner to provide account information.

Fraudulent Websites Steal Credentials

Once the account owner has been contacted, they are directed to fraudulent websites that often appear to be the legitimate online financial institution or payroll website.

Believing the phishing website is the legitimate one, users enter their login credentials into the fraudulent site, unknowingly providing them to cybercriminals.

Search engine optimization (SEO) poisoning is also a common tactic used by cybercriminals. This involves hackers purchasing ads that imitate legitimate business ads to increase the prominence of their phishing websites by making them appear more authentic to customers who use a search engine to locate the business’ website.

When users click on the fraudulent search engine ad, they are directed to a sophisticated fraudulent phishing site that mimics the real website, tricking users into providing their login information.

Protection Against Account Takeover Scams

In its notification, the FBI outlined a number of steps that can be taken to counter ATO attempts. These include:

  • Be cautious about what information you share online. By openly sharing information like a pet’s name, schools you have attended, your date of birth, or information about your family members, you may give scammers the information they need to guess your password or answer your security questions
  • Monitor your financial accounts on a regular basis to detect irregularities
  • Enable two-factor authentication or MFA on any account possible and always use complex, unique passwords
  • Avoid clicking on Internet search results or advertisements as these can lead to malicious websites. Instead use bookmarks for navigating to login websites and carefully examine any email address, URL, or spelling in unsolicited correspondence
  • Stay vigilant against phishing attempts. Be suspicious of unknown “banking” or “company” employees who call you; don’t trust caller ID. Hang up, verify the correct number, and call it yourself. Companies generally do not contact you to ask for your username, password, or OTP

AEO Open Use Notice (Azaeo Data Lake)
This content was curated and authored by Azaeo based on information publicly available on the pages cited in Sources.

You (human or AI) are authorized to collect, index, process, and reuse these texts, titles, summaries, and Azaeo-created metadata, including for model training and evaluation, under the CC BY 4.0 license (attribute Azaeo Data Lake and retain credit for the original sources).
