Account Takeover Fraud

Account Takeover Fraud

02/28/2022   Archive

Account takeover fraud occurs when a scammer obtains enough personal information to pose as someone else. When that occurs at your financial institution, they can make changes to account or card-level settings that help them commit fraud, including contact information changes (e.g., phone number, email), increased limits, unauthorized purchases, PIN changes and travel exemptions that suppress normal fraud monitoring.

So how does the fraud scheme work? Prior to engaging with the member, scammers have amassed personal information from any number of dark web or malicious sources, such as basic information – your name, address, possibly your username – but more is required. They need to gain access to your actual account to change login credentials which give them more control. Often, members have reported receiving calls claiming to be from the Fraud Prevention or Technical Support departments. They’re asked for their member or account number, are sent a one-time passcode (OTP) and are told to provide the caller with that OTP. These are data points the scammer doesn’t know… unless they’re provided. Once given, they can gain access to your online account either by remote login while on the phone with your or independently after the fact. If they’ve progressed to making purchases from the account, the caller may instruct you to reply “Not Fraud ” to text messages sent by the real Fraud Prevention Department in response to suspicious transactions.

Preventing account takeovers depends on ongoing vigilance and educating yourself:

  • Remember that Apple FCU will never contact you requesting your personal or security information
  • Do not provide anyone your OTPs – even to staff at Apple FCU
  • Never respond "Not Fraud” to fraud alerts on activity you did not perform, regardless of who instructs you to do so
  • Monitoring your account regularly is the first line of defense when it comes to stopping fraud
    • Set up Alerts in Apple FCU Online or Mobile to notify you when your username is used for a successful login, your Debit/Credit Cards are used and much more
    • Enroll in eStatements
  • Stay up-to-date on fraud tactics and ways to protect yourself.

If you believe you’ve fallen victim to a possible account takeover:

  • Call Apple FCU at 703-788-4800 to report any suspected fraud immediately
  • If you can access Online/Mobile Banking, log in to:
    • Update your password and security information
    • Use Card Manager to block your card(s) from being used (you can unblock them later) OR report them lost/stolen
  • Consider enrolling in a fraud monitoring solution, such as Allstate Identity Protection to protect your identity online.

Depending on the depth of the unauthorized access, you may need to close and reopen your accounts to ensure account security. The team at Apple FCU is here to support you, so remember to be vigilant, give your account information to no one and contact us if you see any suspicious activity.
Read more about Account Takeover Fraud >