An account takeover occurs when an innocent party’s account is hijacked by a third party who subsequently commits unauthorised activity on the account.
The takeover usually happens via the theft of existing security details. Unauthorised activity could involve changing security details, performing bank transfers, and contact detail changes, as well as issuance of new products and replacement cards.
Any account could be taken over by fraudsters, including bank, credit card, email, and other service providers.
The theft of security details can take place in a number of ways but it is usually in the form of a confidence trick, so by first gaining the victim’s confidence. Some of the common methods of security compromise are electronically via phishing, spyware or malware, and also via vishing (phishing via a phone call).
Fraud has been committed if a financial loss is incurred.
Compromised Card Fraud
This is where a card transaction occurs without the card holder’s authority.
In order to commit this type of financial crime, the fraudster has been able to obtain the security details relating to the card, such as card number, ‘valid from’ date, ‘valid to’ date, PIN, three digit security number, and of course the cardholder’s name.
These details may have been obtained using various means such as phishing emails, vishing calls, social engineering, hacking, or a point of compromise at a retailer.
One of the most prevalent ways that fraudsters conduct this type of financial crime is via online purchase of goods or services.
Impersonation fraud occurs when an individual’s identity is stolen.
The perpetrators will use personally identifiable information (including name, date of birth, contact details and bank account information) to gain access to resources, credit, and other benefits in the victim’s name, which may then be used to facilitate other criminal behaviour such as terrorism.
The most common use of impersonation fraud is to obtain financial benefits including obtaining credit cards, loans, insurance policies, goods, and services.
This relates to instances where a person allows, either knowingly or unknowingly, the receipt of funds into their bank account and then arranges to move the funds on, typically sending the funds overseas. It is highly likely these funds have been stolen from an innocent person by an account takeover of that person’s bank, savings or card account.
Persons are recruited by email, most likely purporting to be an offer of employment, via job search websites, or a social environment.
The remuneration offered is usually a percentage of the funds transferred via the account. The offer may seem very plausible but remember handling money that has been obtained fraudulently is a crime, even if you are unaware of where the money originated from.
This occurs where fraudsters attempt to obtain mortgages on or facilitate the sale of properties which they do not own.
Properties which are unencumbered (so there is no existing mortgage or financial liability associated to it) are at most risk and this is further heightened where the property is vacant or is a rental property, due to the reduced monitoring and focus.