The FBI has issued a critical warning about an alarming rise in account takeover (ATO) fraud, revealing that cybercriminals impersonating bank support teams have stolen more than $262 million since January 2025. The report, published by the FBI’s Internet Crime Complaint Center (IC3), highlights a massive escalation in sophisticated social engineering tactics targeting individuals, businesses, and organizations across nearly every industry sector.
According to the FBI, IC3 has received over 5,100 complaints related to ATO schemes this year alone. These attacks follow a simple but devastating pattern: criminals pose as legitimate financial institution staff or customer support agents, tricking victims into surrendering sensitive login credentials, including multi-factor authentication (MFA) codes or One-Time Passcodes (OTPs). With this information, attackers gain full control of online banking, payroll, and even health savings accounts, often resetting passwords to lock victims out entirely.
Once they’ve hijacked an account, cybercriminals move quickly. The FBI notes that stolen funds are typically wired into cryptocurrency wallets, making recovery nearly impossible. Because crypto-based transfers are fast, anonymous, and irreversible, threat actors can disperse funds long before victims realize what has happened. In many cases, the attackers also change passwords, effectively seizing the account and preventing the owner from accessing their own financial information.
The FBI’s public service announcement emphasizes the danger of phishing, warning that cybercriminals are increasingly impersonating bank representatives, fraud departments, or support teams through phone calls, text messages, emails, and even chat platforms. Some victims report being told their accounts were used for fraudulent purchases—including firearm purchases, a manipulative tactic meant to spark fear and urgency. Others have encountered a second layer of deception: criminals posing as law enforcement officers to extract more data or direct victims to malicious websites.
These fraudulent websites are often highly convincing replicas of actual bank portals or payroll platforms. Cybercriminals sometimes employ SEO poisoning, boosting fake sites to the top of search results and tricking users who search for their bank’s login page. This increases the chances that victims will land on phishing pages instead of legitimate ones.
The FBI urges the public to take key precautions: monitor all financial accounts regularly, use unique and complex passwords, enable MFA, and avoid logging in through search engine results. Instead, the agency recommends using bookmarked URLs or typing the bank’s website address manually. Victims should immediately contact their bank to request a fund recall and obtain indemnification documents, which may reduce financial losses. The FBI also encourages reporting incidents to ic3.gov, including details about impersonated companies and any suspected criminal financial accounts.
As cybercriminal tactics become more deceptive and well-coordinated, the FBI continues to warn that awareness and proactive security habits are essential defenses. The surge in ATO fraud demonstrates how vulnerable anyone can be when attackers leverage social engineering techniques that exploit trust, urgency, and fear.
Conclusion:
The FBI’s alert underscores the growing sophistication behind modern financial scams—and the staggering losses they can inflict. With more than $262 million stolen already this year, individuals and organizations must remain vigilant, strengthen their online security practices, and verify every communication claiming to be from a financial institution. As ATO attacks evolve, awareness and rapid action remain the strongest tools to prevent catastrophic financial loss.
