As Utah’s community bank, we take your security seriously. Whether you come to us for a personal checking or business bank account, we want to make sure that account stays secure. The question is, how do you protect yourself? And have you ever even heard of an Account Takeover (ATO)? Let’s dig a little deeper.
What is an ATO?
An Account Takeover (ATO) is a form of cyber attack in which criminals steal passwords and usernames to take ownership of online accounts. Once they have obtained this information, they can commit fraud by impersonating the legitimate account holder. The stolen data, which may include Personally Identifiable Information (PII), such as name, address, email, phone number, date of birth, business name, cellphone provider, social media and login accounts and passwords, is typically obtained through social engineering techniques like phishing, vishing, or smishing attacks, or through data breaches.
Once they have obtained it, attackers can use this information to make changes to the account, such as increasing limits or changing Personal Identification Numbers (PINs), to evade fraud monitoring tools. Merchants are often targeted in data breaches but account takeover attacks can originate from other sources as well.
How do bad guys get in?
There are various schemes that contribute to account takeover, including skimming, malware, phishing, vishing, and smishing. Skimming and malware attacks involve stealing data through point-of-sale (POS) terminal devices or other types of software, while phishing, vishing, and smishing involve tricking cardholders into revealing confidential information. These schemes have become increasingly sophisticated, making it more difficult for cardholders to detect fraudulent activity. Malicious software, such as Man-in-the-Browser (MitB) attacks, is also a significant threat to the security of financial data.
In this type of attack, a cybercriminal infects a victim’s computer with malware, which then allows the attacker to monitor and modify the victim’s web browser activity without their knowledge. Once the malware is installed, it can intercept and modify web page content, steal login credentials, and initiate unauthorized transactions. The malware can also redirect the victim to a fake website that appears to be legitimate, allowing the attacker to collect sensitive information such as usernames, passwords, and financial data.
How can you protect yourself?
To prevent account takeover, it is important to maintain a secure operating system and deploy robust security and anti-malware software. Organizations should also implement a dynamic, multi-layered detection and prevention strategy. In addition, cardholders should be reminded to safeguard their personal information and online banking credentials. They should also be cautious of suspicious phone calls, text messages, or emails, and avoid clicking on links or providing personal information in response to these communications. Organizations should also consider adding an additional layer of security, such as a step-up authentication tool, and providing clear guidelines for customers on how to report suspected fraud.
To protect against account takeover attacks, organizations can take a number of steps, including placing a banner on their website indicating that customers will never be asked for full social security numbers, PINs, or one-time passcodes. They can also include a message on their phone system in place of hold music to inform customers of this policy. Additionally, authentication factors on the database should be set to require 100% authentication match on IVR options, and rules for the current trend should include the “Ignore All Exemptions” and “Restrict Card” options. Finally, in cases of suspected fraud, organizations should notify local authorities and impacted networks.
At First Utah Bank, security is important to us. We understand financial institutions, bank accounts, and cards are constantly under threat. That’s why we want to make sure you’re prepared. If you have any questions about bank security, do not hesitate to reach out. We take security and transparency very seriously.