Account takeover

Account takeover (ATO) is a type of cyber crime in which an unauthorized person gains control of a victim's account, typically on an online platform. A stolen account may be used for data theft or various forms of online fraud. According to a 2023 survey, 29% of the U.S. population has been the victim of an account takeover.^[1]

Account takeover can be caused by several methods, including:^[2]^[3]

Phishing, misleading the victim into giving away their credentials by impersonation.
Malware infection on the victim's device with an infostealer, which is able to extract saved passwords and cookies from the browser.
Credential stuffing, trying out passwords that are common or were previously breached.

References

↑ Cruz, Brett. "Account Takeover Incidents are Rising: How to Protect Yourself". security.org. Retrieved 28 May 2025.
↑ FBI Internet Crime Complaint Center. "Account Takeover Fraud (ATO)". ic3.gov. Retrieved 28 May 2025.
↑ Fortinet. "What Is Account Takeover (ATO)?".

This article "Account takeover" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:Account takeover. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.

[1] Cruz, Brett. "Account Takeover Incidents are Rising: How to Protect Yourself". security.org. Retrieved 28 May 2025.

[2] FBI Internet Crime Complaint Center. "Account Takeover Fraud (ATO)". ic3.gov. Retrieved 28 May 2025.

[3] Fortinet. "What Is Account Takeover (ATO)?".

[1]

[2]

[3]

Account takeover

See also

References