Account Takeover Fraud

Business Account Takeover (ATO) fraud happens when a criminal gains unauthorized access to a business’s financial accounts. Once inside, they can initiate unauthorized wire transfers, alter key account details or lock out legitimate users – all without the business owner’s knowledge. Most ATO attacks begin with stolen login credentials. Criminals commonly obtain these through phishing emails, through malware or spy software that logs the user’s keystrokes on business devices, or by reusing passwords exposed in breaches of other websites.

A recent report by Javelin Strategy & Research found that ATO fraud resulted in $15.6 billion in U.S. losses in 2024, up from $12.7 billion in 2023. So how can ATO be prevented?

Early detection is key! To catch an ATO attack, be on the lookout for:

  • Unusual account activity, especially outside normal business hours or from unexpected geographic regions
  • Unexplained changes to user permissions or contact information
  • Alerts about login attempts or password resets that weren’t requested by any of the business’s authorized signers
  • Discrepancies in account balances or unexpected wire transfers, ACHs or external transfers to another financial institution

If any of these occur, investigate immediately. Even one red flag could mean accounts have been compromised. 
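The red flags listed above can be turned into automated checks over an account's activity log. The following is an added example, not MidFirst Bank's tooling; the event fields, business hours, regions, signers and payees are all assumed values for illustration.

```python
from datetime import datetime

# Assumed business profile (hypothetical values; adjust to your organisation).
BUSINESS_HOURS = range(8, 18)        # 08:00-17:59, timestamps taken as local time
BUSINESS_DAYS = range(0, 5)          # Monday-Friday
EXPECTED_REGIONS = {"US-OK", "US-TX"}
AUTHORIZED_SIGNERS = {"alice", "bob"}
KNOWN_PAYEES = {"Acme Supplies", "Payroll Provider"}
ACCOUNT_CHANGES = {"permission_change", "contact_change"}
TRANSFERS = {"wire", "ach", "external_transfer"}

def red_flags(event):
    """Return the list of red flags raised by one activity-log event."""
    flags = []
    ts = datetime.fromisoformat(event["ts"])
    if ts.hour not in BUSINESS_HOURS or ts.weekday() not in BUSINESS_DAYS:
        flags.append("outside-business-hours")
    if event.get("region") not in EXPECTED_REGIONS:
        flags.append("unexpected-region")
    kind = event["type"]
    # A change with no recorded approval is treated as "unexplained".
    if kind in ACCOUNT_CHANGES and not event.get("change_ticket"):
        flags.append("unexplained-account-change")
    # A reset nobody on the signer list asked for.
    if kind == "password_reset" and event.get("requested_by") not in AUTHORIZED_SIGNERS:
        flags.append("unrequested-password-reset")
    if kind in TRANSFERS and event.get("payee") not in KNOWN_PAYEES:
        flags.append("unexpected-transfer")
    return flags

def triage(events):
    """Map event id -> flags, keeping only events with at least one flag."""
    return {e["id"]: f for e in events if (f := red_flags(e))}

# Constructed sample events (not real data).
SAMPLE_EVENTS = [
    {"id": 1, "ts": "2025-03-04T10:15:00", "type": "login", "region": "US-OK"},
    {"id": 2, "ts": "2025-03-05T02:40:00", "type": "password_reset",
     "region": "ZZ-00", "requested_by": None},
    {"id": 3, "ts": "2025-03-05T02:44:00", "type": "contact_change",
     "region": "ZZ-00", "change_ticket": None},
    {"id": 4, "ts": "2025-03-05T11:00:00", "type": "wire",
     "region": "US-OK", "payee": "Acme Supplies"},
    {"id": 5, "ts": "2025-03-05T11:30:00", "type": "wire",
     "region": "US-TX", "payee": "New Vendor LLC"},
]

if __name__ == "__main__":
    for event_id, flags in triage(SAMPLE_EVENTS).items():
        print(event_id, ", ".join(flags))
```

Any event that appears in the `triage` output carries at least one red flag and should be investigated, including event 5, which occurs during business hours from an expected region but pays an unknown payee.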

Businesses can mitigate the risk of ATOs by using multi-factor authentication for all online banking and treasury portals, as well as monitoring accounts regularly with real-time alerts and notifications for all transactions. Also, consider implementing user-level controls, such as role-based access and dual approvals for large or sensitive transactions. Educating staff on phishing techniques and the importance of strong passwords can help minimize the chance of fraudsters obtaining login details. Finally, keeping software and antivirus tools up to date will help to guard against malware-based intrusions. 

ATO can happen quickly and without warning, but with strong internal processes and digital defenses, businesses can stay a step ahead. MidFirst Bank offers fraud prevention tools to help keep your account safe. For help enabling these tools, call 888.MIDFIRST (888.643.3477).