Preventing Account Takeover Fraud
Whether it’s an unfamiliar transaction or a password change notification if you see something you don’t recognize, take action. It could be a sign of account takeover fraud and needs to be reported as soon as possible.
When fraudsters successfully hack into customers’ accounts, they use a variety of tactics to gain access. They drain the victims’ financial accounts of monetary funds and loyalty points, buy goods, services, and gift cards in the victim’s name, and sell account information online (e.g., email address, phone number). And they don’t stop there: once a criminal has the login credentials for a checking, savings, credit card, or other type of account, it becomes easy to steal more PII and rewards points to take over additional accounts, and even use a victim’s name for money transfers and mortgage loans.
Preventing Account Takeover Fraud: Proactive Measures and Practices
To prevent account takeover fraud, teams need to combine user behavior with a fine-tuned rules engine that identifies the signals that can indicate that ATO is happening or is likely to happen. Using real-time notifications, like a password change that’s received from a different device or time zone, and providing users with the ability to verify or dispute changes helps. Also, combining log-in data with geolocation analytics can help identify anomalies and alert teams to suspicious behavior. A sudden increase in chargeback requests and fraudulent transaction claims could be a sign of account takeover, as well as a spike in reward point balances that don’t match the customer’s normal behavior.