Account Takeover Fraud Losses Top $12,000 Per Incident, Could Worsen in 2023

Account Takeover Fraud Losses Top $12,000 Per Incident, Could Worsen in 2023

Account takeover fraud (ATO) is on the rise. A recent report from Security.org show’s that over 24 million US households have become victims, with average losses now exceeding $12,000 per incident… and growing.

Between 2020 and 2021, the rate of ATO fraud has increased by an alarming 90%. Total losses to ATO fraud, in this timeframe alone, have reached over $11.4 billion. However, as 2022 comes to a close, the losses tallied this year could easily hit new record highs, with 2023 being even more devastating.

Perhaps the most concerning statistic cited by the report is the commonality of the fraud. Nearly 1 in every 4 American adults have become a victim of ATO fraud. And a whopping 32% of all account takeovers affect their bank accounts, where most of the financial losses occur.

Why ATO is such a growing concern for banks and credit unions:

It’s not only the consumer who may become a victim of ATO, but banks and credit unions themselves are often on the hook for reimbursing them for these losses.

And losses are mounting. For every one dollar in fraud, financial institutions are now looking at $4 in losses, at least. This means a $10,000 account takeover fraud may be costing FIs up to $40,000 in losses.

However, on its current trajectory, the real cost per every dollar in fraud is likely to reach $5.90 by just 2025. While some institutions may be able to absorb losses like these, most cannot.

Now, there are three main things fraudsters do after a bank account takeover.

  1. They drain victim accounts
  2. They conduct money laundering schemes
  3. They apply for credit and loans

All three of these major fraud avenues are costing financial institutions big.

But, although the average ATO fraud is currently “valued” at $12,000 per incident, many victims have lost far more (and FIs as well).

Helen Stevenson and her husband, octogenarian retirees living in Florida, were recently fleeced of tens-of-thousands-of-dollars by an ATO scheme.

Their Wells Fargo bank records show their account was accessed nearly a dozen times last March, with nearly $60,000 drained. The funds were transferred to at least three online bank accounts including BankCorp, Zelle, and Apple Pay.

According to Mrs. Stevenson, she received a call from someone who claimed to be with her bank, Wells Fargo, inquiring on whether she and her husband had an online account, which she replied they do not. Days later, their funds began disappearing.

Wells Fargo did investigate the matter, but said the Stevenson’s had approved the transfers, and the bank would not reimburse the couple. But, luckily for the Stevenson’s, the U.S. Secret Service stepped in.

Caroline O’Brien-Buster, Special Agent in Charge, said the Secret Service is considering “a couple of different theories” that fall under the umbrella of bank account takeovers; especially since the Stevenson’s did not apparently conduct any online banking or p2p transfers in the past.

The good news for the Stevenson’s is once the Secret Service got involved, fraud investigators at Wells Fargo reopened the case, and concluded the funds should be paid back to the couple.

But this begs the question, how did Wells Fargo miss this fraud in the first place? The Stevenson’s are in their 80’s, do not conduct any online banking and apparently have never used any p2p services.

The sudden appearance of these highly unusual payments’ transfers should have alerted the fraud teams of the ATO activity. But apparently, it didn’t.

Could it be that Wells Fargo is not employing the best possible fraud detection and prevention tools available?

Modern fraud detection and prevention systems, like those provided by ToolCASE and driven by artificial intelligence, are custom designed to detect unusual activities in both individual customer/member and institution-wide accounts. And to detect them live, as the activity is occurring.

The ToolCASE solution, powered by RembrandtAI, has the real-time capability of finding and live-alerting fraud teams to banking discrepancies and anomalies.

In the case of the Stevenson’s, RembrandtAi may have alerted Wells Fargo to the fact that their account is now conducting a flurry of online and p2p transactions, when the Stevenson’s have no such transactional history.

Could RembrandtAi have detected this $60,000 ATO fraud, potentially preventing not only the losses to the Stevenson’s, but preventing the Secret Service from ever needing to get involved?

Discover the retail banking and credit union industry’s preferred real-time, customizable Ai fraud solutions, and receive a full demonstration of RembrandtAi’s remarkable capabilities, by visiting ToolCASE, HERE

Or read more about the Stevenson’s story, HERE

FedNoSmall CUs Are Now The Most Susceptible to Fraud