The FBI has issued a new alert about a sharp increase in account takeover fraud, saying cybercriminals have stolen more than 262 million dollars so far this year by breaking into people’s online financial accounts.
According to the FBI’s Internet Crime Complaint Center, more than 5,100 reports have been filed since January 2025. These attacks have affected individuals, businesses, and organizations in every industry.
In an account takeover scheme, criminals use social engineering tricks or fake websites to steal login details for online banking, payroll, or health savings accounts. After they gain access, they quickly move money into cryptocurrency wallets. These transfers are difficult to reverse and often impossible to trace. In many cases, the criminals also reset the account password, locking the real owner out of their own account.
The FBI said criminals often pretend to be bank employees or customer support agents through text messages, phone calls, or emails. They try to convince victims to share their login details, multi-factor authentication codes, or one-time passcodes. Some victims reported that the scammers falsely claimed their information was being used for fraudulent purchases, including firearm sales, to pressure them into visiting a phishing site or giving information to another criminal pretending to be law enforcement.
These phishing websites are made to look exactly like real banking or payroll sites. Some attackers also use SEO poisoning, pushing their fake sites to the top of search results by paying for ads.
To stay safe, the FBI recommends keeping a close eye on your accounts, using strong and unique passwords, enabling multi-factor authentication, and visiting banking websites through bookmarks instead of search results.
If someone becomes a victim, they should contact their bank immediately to request a recall and ask for a Hold Harmless Letter or indemnification documents, which may help reduce the financial loss. The FBI also advises filing a report at ic3.gov with as much detail as possible, including the criminals’ financial accounts and the name of any impersonated company.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
This warning follows a similar alert from September, when the FBI reported that scammers were impersonating the official IC3 website to steal personal information and run financial scams.
