Fraud Risk Scheme:
A fraudster obtains a user's login credentials through techniques such as phishing, data breaches, or brute-force attacks. Once the credentials are compromised, they access the targeted account (whether it is a bank account, an online service, or an email account) and modify key information such as the password or recovery email address in order to lock out the legitimate user. The attacker can then perform fraudulent transactions, steal data, or use the account to launch further attacks.
Detection:
Unusual activity after a password change: Enhanced monitoring of logins, transactions, or suspicious behavior in the hours following a password reset.
Logins from multiple IP addresses: Detection of login attempts from different geographical locations or IP addresses within a short timeframe.
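As an added example (not part of the original scheme), the two detection signals above expressed as rules over a constructed set of authentication events; the event fields, the sample records, and the time windows are assumptions chosen for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample events (not real telemetry): (timestamp, user, ip, country, event)
EVENTS = [
    ("2024-05-01T08:00:00", "alice", "203.0.113.10", "FR", "login"),
    ("2024-05-01T08:05:00", "alice", "203.0.113.10", "FR", "password_change"),
    ("2024-05-01T08:30:00", "alice", "198.51.100.7", "BR", "login"),
    ("2024-05-01T09:10:00", "alice", "198.51.100.7", "BR", "transfer"),
    ("2024-05-01T10:00:00", "bob", "192.0.2.44", "DE", "login"),
    ("2024-05-01T11:00:00", "bob", "192.0.2.44", "DE", "transfer"),
]

# Actions worth watching closely once a password has just been reset
WATCHED = {"login", "transfer", "recovery_email_change"}


def post_reset_alerts(events, window_hours=24):
    """Rule 1: watched activity within the window after a password change.
    Returns a list of (user, event, timestamp) tuples, in time order."""
    window = timedelta(hours=window_hours)
    alerts = []
    reset_at = {}  # user -> time of the most recent password change
    for ts, user, ip, country, event in sorted(events):
        t = datetime.fromisoformat(ts)
        if event == "password_change":
            reset_at[user] = t
        elif event in WATCHED and user in reset_at and t - reset_at[user] <= window:
            alerts.append((user, event, ts))
    return alerts


def multi_ip_login_alerts(events, window_hours=1):
    """Rule 2: logins by one user from more than one IP or country within the window.
    Returns a list of (user, earlier_ip, later_ip, later_timestamp) tuples."""
    window = timedelta(hours=window_hours)
    alerts = []
    recent = {}  # user -> logins still inside the window, as (time, ip, country)
    for ts, user, ip, country, event in sorted(events):
        if event != "login":
            continue
        t = datetime.fromisoformat(ts)
        prior = [p for p in recent.get(user, []) if t - p[0] <= window]
        for pt, pip, pc in prior:
            if pip != ip or pc != country:
                alerts.append((user, pip, ip, ts))
        recent[user] = prior + [(t, ip, country)]
    return alerts
```

On the sample data, both rules fire for alice only: a login from a new IP and country 25 minutes after her password change, followed by a transfer, while bob's single-IP session triggers nothing.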
Prevention:
Multi-Factor Authentication (MFA): Systematic implementation of two-factor (2FA) or multi-factor authentication to secure access to sensitive accounts and reduce the risk of credential-based attacks.
Alerts for changes to security settings: Immediate notifications sent to the user in the event of a password change, email address update, or modification of recovery information, with the option to dispute the change.
Share Your Feedback:
What tools, techniques, and processes do you use to detect and prevent account takeovers?