Account takeover

Account takeover is unauthorized access to a user's account by an attacker who takes control of it. The attacker impersonates the user to move funds, change settings, or extract personal and financial data. They may add devices, reset recovery options, or suppress alerts to keep control.

Example

An attacker uses phishing, credential stuffing, or malware to capture a user's login for an online banking platform. After signing in, they transfer money, make purchases, and extract data. The same pattern applies to digital wallets and stored-value accounts, such as airline miles or gift cards, where the attacker spends points, converts value, or resells vouchers. Buy now, pay later (BNPL) accounts are targeted for fast checkout fraud, with goods sent to drop addresses and money mules handling receipt or resale. In every case, the account owner is left with disputed charges, drained balances, and remediation work after the breach.
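The sequence described above (a sign-in, then changes that keep control, then value leaving the account) can be correlated in account event logs. The following detection sketch is an added example, not part of the original page; the event names, record fields, 30-minute window, and sample data are all assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Event names and fields are assumptions for this example, not a real schema.
PERSISTENCE = {"device_added", "recovery_changed", "alerts_disabled"}
VALUE_OUT = {"transfer", "purchase", "points_redeemed"}
WINDOW = timedelta(minutes=30)  # assumed correlation window

def find_takeover_candidates(events, known_devices):
    """Flag logins from devices not previously seen on the account that are
    followed, within WINDOW and from the same device, by changes that retain
    control or actions that move value out."""
    sessions, latest = [], {}  # latest: (account, device) -> newest risky session
    for ev in sorted(events, key=lambda e: e["ts"]):
        key = (ev["account"], ev["device"])
        if ev["type"] == "login":
            if ev["device"] not in known_devices.get(ev["account"], set()):
                latest[key] = {"account": ev["account"], "device": ev["device"],
                               "login_ts": ev["ts"], "persistence": [], "value_out": []}
                sessions.append(latest[key])
            continue
        sess = latest.get(key)
        if sess is None or ev["ts"] - sess["login_ts"] > WINDOW:
            continue  # no risky login for this device, or too long after it
        if ev["type"] in PERSISTENCE:
            sess["persistence"].append(ev["type"])
        elif ev["type"] in VALUE_OUT:
            sess["value_out"].append(ev["type"])
    alerts = []
    for s in sessions:
        if s["persistence"] or s["value_out"]:
            s["severity"] = "high" if s["persistence"] and s["value_out"] else "medium"
            alerts.append(s)
    return alerts

def make_event(ts, account, device, kind):
    return {"ts": datetime.fromisoformat(ts), "account": account,
            "device": device, "type": kind}

# Constructed sample events (not real data).
SAMPLE_EVENTS = [
    make_event("2024-05-01T09:00:00", "alice", "laptop-1", "login"),
    make_event("2024-05-01T09:05:00", "alice", "laptop-1", "transfer"),
    make_event("2024-05-01T13:00:00", "bob", "unknown-7", "login"),
    make_event("2024-05-01T13:02:00", "bob", "unknown-7", "alerts_disabled"),
    make_event("2024-05-01T13:03:00", "bob", "unknown-7", "recovery_changed"),
    make_event("2024-05-01T13:06:00", "bob", "unknown-7", "transfer"),
    make_event("2024-05-01T15:00:00", "bob", "unknown-7", "purchase"),  # outside window
]
KNOWN_DEVICES = {"alice": {"laptop-1"}, "bob": {"phone-1"}}
```

A transfer from a device already known for the account is not flagged by this rule, so it complements rather than replaces transaction-level fraud checks.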