Account Takeover Scams Are Bypassing Fraud Defenses

Scammers are increasingly turning to account takeover fraud, as financial institutions ramp up their defenses. Instead of luring victims into making authorized transactions, cybercriminals are bypassing them altogether, hijacking their digital identities and draining accounts from within.

See Also: 2025 AI Adoption & Risk Report

Account takeover fraud, which involves gaining unauthorized access to a victim’s account to execute unauthorized transactions, has been rising in recent years, as scammers have become more sophisticated, taking advantage of phishing, credential stuffing and malware to exploit digital banking channels. Traditional fraud detection tools and static behavior analysis technology are ineffective because scammers can mimic legitimate user behavior.

NICE Actimize’s 2025 Fraud Insights U.S. Retail Payments report found that from 2023 to 2024, fraudster’s focus shifted slightly toward account takeover, in terms of the overall value of attempts. However, research shows that scams are still the method of choice across 57% of attempted fraud transactions.

In 2024, financial institutions globally experienced a steep rise in ATO-related incidents. According to Veriff’s Identity Fraud Report, ATO fraud climbed 13% year-over-year. FinCEN’s data further highlights the trend, revealing that U.S. banks alone filed over 178,000 suspicious activity reports linked to ATO, a 36% jump from 2023. AARP and Javelin’s research found that ATO fraud caused $15.6 billion in losses last year.

To counter this, financial institutions must take advantage of artificial intelligence-fueled behavioral biometrics that aims to go beyond static credentials, experts say.

By continuously profiling how users interact with devices, firms can shift from one-time authentication to real-time identity assurance. Rather than static checks at login, hybrid AI models adjust for device type, time of day, geolocation and other scenarios, aligning with NIST’s zero trust principle of continuous multifactor authentication. This approach catches account takeovers and eases the user journey by validating identity behind the scenes.

“The most sophisticated measurement approaches now employ AI analytics to establish dynamic baselines for these metrics, enabling continuous ROI assessment as both threats and solutions evolve over time,” Jeremy London said, director of engineering for AI and threat analytics at Keeper Security.

Emerging Fraud Trends

The rise in ATO fraud is part of a broader trend of increasingly sophisticated cyberthreats. Cross-border payments are increasingly under threat. In 2024, even as total international wire activity dropped by 6%, the value of fraud attempts surged by 40%, highlighting a shift toward more sophisticated attacks targeting high-value, low-volume transactions. One of the most vulnerable points in this process is payee onboarding. An alarming 67% of fraud cases were linked to just 7% of payments, specifically those sent to newly added payees. This underscores how fraudsters are actively exploiting the initial stages of new payee relationships as a weak link in the payment chain.

It is clear that future of behavioral biometrics lies in integrating multi-modal signals with AI models trained to detect adversarial threats. This combination is essential to effectively identify and block both human fraudsters and synthetic identities.