SCAMS: FBI Issues Urgent Warning!

SCAMS: FBI Issues Urgent Warning!

SCAMS: FBI Issues Urgent Warning!

If your phone rings and the name of your bank comes up on the caller ID, don’t be in a hurry to answer the call. It could be a scam.

The FBI has issued an urgent warning to the public about Account Takeover (ATO) fraud scams. In these schemes, cybercriminals impersonate financial institutions to steal money or customer information. The crooks not only target individuals, but businesses and organizations of all sizes and across all sectors.

From January 2025 to late November 2025, the FBI Internet Crime Complaint Center (IC3) received more than 5,100 reports of ATO fraud, resulting in losses exceeding $262 million. The FBI says that once cybercriminals gain access to payroll, health savings, or bank accounts, they can cause tremendous harm to the account owners.

How The Scam Works

In its urgent warning to the public, the FBI explained the methods that the fraudsters use to gain access to financial accounts.

One method involves cybercriminals calling, texting, or emailing account owners and impersonating customer support or technical support personnel from the account owners’ financial institutions.

Typically, the cybercriminals tell account owners that something is wrong with their accounts. The scammers claim that either fraudulent transactions were made on the account or that the account was used to make fraudulent purchases, including firearms.

The cybercriminals advise account owners to report the fraud or stop additional transactions by filing a report. The crooks direct account owners to a specific website that is actually a “phishing” site, according to the FBI. A phishing website is a fraudulent site designed to look like a legitimate bank, payroll, or other business website.

Believing the site is legitimate, the account owners type in their login credentials, including their Multi-factor Authentication Code or One-Time Passcode. The fraudsters then use the credentials to log in to the legitimate financial institution’s website and initiate the password reset process to gain full control of the account.

In some cases, a second crook joins the scheme, posing as—of all things—a law enforcement officer. The first scammer convinces the account owners to report the crime to the fake police officer, who then asks them for their account information.

After getting the login credentials from the phishing website or after the phony law enforcement officer collects the victims’ account information, the scammers steal the money from the accounts. The FBI says the cybercrooks usually transfer the money to cryptocurrency wallets, which makes it impossible to recover or trace.

What To Do In Case Of  An ATO Incident

If you have been a victim of ATO fraud, the FBI encourages you to take action:

1. Contact Your Financial Institution

• As soon as you realize you have been scammed, notify your financial institution about what happened.

• Ask for a Hold Harmless Letter or Letter of Indemnity. By requesting a recall and obtaining these documents as soon as possible, you may reduce or eliminate your financial losses.

• Immediately report fraudulent wire transfers to both your financial institution and to the FBI Internet Crime Complaint Center (IC3) at www.ic3.gov.

2. Reset or Revoke Compromised Credentials

Change your passwords and reset all credentials, including those on user and service accounts and compromised certificates. Also, revoke and update other “secret” credentials, such as security questions and PINs. If you used your compromised passwords for other accounts, change the passwords on those sites, too.

3. File A Complaint

Contact the IC3 at www.ic3.gov to file a detailed complaint with the FBI. The complaint should include:

• All information about the cybercriminals, including the name of the financial institution they impersonated, the address, email address, and phone number.

• Any websites or software that the crooks may have asked you to visit or download.

• Any financial accounts provided or used by the cybercriminals.

Include the words “Account Takeover” in the incident description.

4. Notify The Company That The Scammers Impersonated

If the cybercriminals used a company other than your financial institution to commit the fraud, let the company know the method the scammers used to target the account owner. Notifying the company allows officials to alert other customers about the scam and take proactive steps, such as asking that the phishing pages be removed.

Stay Informed

Stay updated about ATO trends by visiting IC3 at www.ic3.gov for updated Industry Alerts and Public Service Announcements, as well as other cyber-enabled fraud schemes.

Protecting Yourself Against Scams

The FBI offers several tips on how to keep safe and avoid scams and scammers:

Limit the information you share on social media. Think twice before disclosing your personal details, such as your date of birth, specific information about your family members, and even your pet’s name. Providing this information gives criminals the means to impersonate you and steal your login credentials or bypass your security questions.

Always use unique, complex passwords.

Set up two-factor authentication on all of your accounts. Do not disable it, and never share your two-factor authentication codes.

Check your accounts regularly to watch for irregular transactions. If you notice any missing deposits, unauthorized wire transfers, withdrawals, or expenditures, contact your financial institution immediately.

Bookmark your financial institutions’ websites. In this way, you can go directly to the website and avoid clicking on third-party links.

Avoid clicking on Internet search results or advertisements. Multi-factor authentication will not protect you if you land on a fraudulent login page. Carefully examine any email address, URL, or spelling in unsolicited correspondence.

Do not give your information to unknown callers or access unfamiliar website links. Remember that companies and financial institutions generally do not contact you to ask for your username, password, or One-Time Passcode.

Be suspicious of unknown “banking” or “company” employees who call you, even if the name of the company looks familiar on your caller ID. Keep in mind that you cannot always trust your caller ID. If you pick up the phone and become suspicious, hang up, verify the correct number, and call it yourself.

Since scammers usually target people using their phones, it’s a good idea not to answer calls from numbers that you do not recognize.

Source Link:
https://www.thestreet.com/personal-finance/fbi-issues-urgent-warning-to-iphone-users-about-dangerous-scam
https://www.ic3.gov/PSA/2025/PSA251125

Related Posts:

Follow Us or Share this page: