The FBI has warned that cyber criminals are impersonating staff at financial institutions to steal money or information in Account Takeover (ATO) fraud schemes. Since January 2025, the FBI Internet Crime Complaint Center (IC3) received more than 5,100 complaints reporting ATO fraud, with losses exceeding $262 million.
Details can be found here: https://www.ic3.gov/PSA/2025/PSA251125
Jim Routh, Chief Trust Officer at Saviynt, commented:
“The large majority of ATO accounts referenced in the FBI announcement occur through compromised credentials used by threat actors intimately familiar with the internal processes and workflows for money movement within financial institutions. The most effective controls to prevent these attacks are manual (phone calls for verification) and SMS messages for approval. The root cause continues to be the accepted use of credentials for cloud accounts despite having passwordless options available.”
If you want to protect yourself from a scam like this, this link will help: Learn about the phony bank investigator scam
Like this:
Like Loading...
Related
This entry was posted on November 25, 2025 at 4:25 pm and is filed under Commentary with tags Scam. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
FBI Says Hackers Stole $262M by Impersonating Bank Staff
The FBI has warned that cyber criminals are impersonating staff at financial institutions to steal money or information in Account Takeover (ATO) fraud schemes. Since January 2025, the FBI Internet Crime Complaint Center (IC3) received more than 5,100 complaints reporting ATO fraud, with losses exceeding $262 million.
Details can be found here: https://www.ic3.gov/PSA/2025/PSA251125
Jim Routh, Chief Trust Officer at Saviynt, commented:
“The large majority of ATO accounts referenced in the FBI announcement occur through compromised credentials used by threat actors intimately familiar with the internal processes and workflows for money movement within financial institutions. The most effective controls to prevent these attacks are manual (phone calls for verification) and SMS messages for approval. The root cause continues to be the accepted use of credentials for cloud accounts despite having passwordless options available.”
If you want to protect yourself from a scam like this, this link will help: Learn about the phony bank investigator scam
Share this:
Like this:
Related
This entry was posted on November 25, 2025 at 4:25 pm and is filed under Commentary with tags Scam. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.