Account Takeover Fraud Warning

Let's Knock Out Account Takeover Fraud

In November 2025, the Federal Bureau of Investigation (FBI) issued a public service announcement regarding Account Takeover (ATO) Fraud. ATO fraud almost always begins with impersonation and social engineering—tactics designed to trick you into handing over sensitive information or approving transactions.

How Account Fraud is Executed

1. Social Engineering & Impersonation

Criminals contact members through:

Phone calls
Text messages
Emails
Fake “support” chats

They pretend to be:

Your financial institution’s fraud department
Customer support
Technical support
Even, in more advanced cases, law enforcement

Their goal is to pressure or confuse you into providing:

Online banking username and password
One-Time Passcodes (OTP) or multi-factor authentication (MFA) codes
Debit or credit card numbers
PINs and CVV/CVC security codes

Once they have this information, attackers may:

Log in and reset your password, locking you out
Initiate transfers or withdrawals
Counterfeit your card
Add travel alerts to enable out‑of‑area fraud

2. Phishing Websites & “Search Engine Poisoning”

Criminals increasingly create sophisticated fake websites that look identical to your financial institution’s online banking portal. They often:

Send a link via text or email
Buy search engine ads that appear above the legitimate credit union website (SEO poisoning)

When you log into the fake site, they capture your credentials instantly.

3. Physical Device Access

Even brief access to your unlocked phone gives criminals enough time to:

Access saved passwords
Open mobile banking apps
Transfer funds

The Breakdown: How Fraudsters Execute the Attack

THE REQUEST

The fraudster convinces you to “verify” your identity by giving sensitive information:

Username & password
PINs
6‑digit authentication codes
Card numbers & security codes

They may claim:

“We detected suspicious activity. Please confirm your identity so we can secure your account.”

THE TRANSFER

Fraudsters use high‑pressure tactics to push you into sending the money yourself, making recovery more difficult. They may say:

“We need you to move your funds to a safe account.”

THE TAKEOVER

The criminal:

Resets your password
Locks you out
Makes rapid transfers—often to accounts linked to cryptocurrency wallets, making funds hard to recover

How You Can Stop Account Takeover Fraud

1. DON’T let anyone borrow your unlocked device.

Even a few seconds is enough for someone to access your accounts.

2. DON’T respond to unexpected texts, calls, or emails—even if they look official.

Fraudsters can spoof legitimate phone numbers and caller IDs.

The Southern will NEVER call, text, or message you asking for:

Your password
Your PIN
Your one-time security code
Your full card number

3. Always contact us directly.

If something seems suspicious, hang up and call us yourself.

📞 Call The Southern directly at 770.719.1111

4. Sign up for real-time alerts.

Enable:

Debit/credit card transaction alerts
Balance threshold alerts
These notifications help you spot unauthorized activity quickly.

5. Use strong security practices.

The FBI recommends:

Use unique, complex passwords
Enable Multi Factor Authentication (MFA) wherever possible
Monitor your accounts frequently
Never navigate to banking sites through ads—use bookmarks or type the URL manually

If You Believe You’re a Victim

Act immediately:

Contact The Southern to request a recall or reversal of any fraudulent transfers.
Change all passwords for your financial and email accounts.
Report the incident to the FBI Internet Crime Complaint Center (IC3) at www.ic3.gov.
Notify any company or institution the scammers impersonated.

Resources you may want to bookmark:

https://www.identitytheft.gov/

https://consumer.ftc.gov/

https://clark.com/scams-rip-offs/

https://www.fbi.gov/how-we-can-help-you/scams-and-safety/common-frauds-and-scams