How Small Businesses Can Prevent Account Takeover Risks

Account takeover (ATO) is a form of identity theft in which a thief obtains an account owner's credentials and uses them to take control of that person's online accounts.

The objective is usually to extract the account's value for the thief's own benefit: draining the available funds directly or using them to make purchases.

This type of fraud is perpetrated on individual consumers, as well as on small businesses and large corporations. Here is what you need to know about account takeovers and how you can prevent them.



The first step in preventing these attacks is to understand how they work. Fraudsters may take several steps to obtain sensitive account information such as a username, password, account number or other credential. Ways they get hold of it include:

  •  Buying credentials leaked in earlier breaches from dark web markets
  •  Mining social media and other publicly available sources for details that answer security questions or make passwords easy to guess
  •  Sending phishing emails that lure the recipient into clicking a link that installs malware, which captures passwords and sends them back to the thief
  •  Guessing a weak email password, then using that mailbox to complete the password-reset verification for the victim's other accounts
  •  Running a brute-force password-cracking tool, or replaying username and password pairs stolen from another site (credential stuffing)

Much of this can be automated and left running until it succeeds. In the case of malware, the victim may not discover it for weeks or months, by which time a substantial amount of sensitive data has been compromised.

Once the thief has access to the compromised account, they can draw cash advances or make purchases for their own benefit, and they can move funds out of the account in a variety of ways, including:

  •  Making ATM withdrawals
  •  Purchasing cryptocurrencies
  •  Buying goods online
  •  Transferring funds through online payment platforms
  •  Transferring funds from one account to another



Regulation E is the federal banking regulation that implements the Electronic Fund Transfer Act. It sets out the rights, responsibilities and liabilities of the parties to an electronic fund transfer and limits a consumer's liability for unauthorized transfers. It applies only to consumer accounts, not to business accounts, so a business that suffers an account takeover cannot rely on it to recover its losses.

The criminal acts involved in account takeover generally fall under the broader headings of fraud, identity theft and financial crime. A fraudster may also be ordered to pay restitution or face civil liability, but only if they are caught first and still hold assets against which a judgment can be enforced.



Once a criminal has access to an account, they can drain whatever balance remains. Because many people reuse the same login credentials across accounts, compromising one account often lets the fraudster into others. They may even use the stolen information to open new accounts and drain those as well.

This type of identity theft is particularly serious because the fraudster can take out different kinds of credit in the victim's name. The criminal can also change the account's contact details so that the victim stops receiving email or paper statements and notifications. The abuse can then continue for a prolonged period, and the victim may not detect it until major damage has been done.



Industry statistics show that account takeover was already on the rise before the pandemic: losses from account takeover rose by 122% from 2016 to 2017 and by a further 164% in 2018, and the cost of account takeover in the United States alone tripled from 2016 to 2017, to $5.1 billion.

According to Law Technology Today, fraud of all kinds has risen during the current pandemic. As the Association of Certified Fraud Examiners (ACFE) puts it, “Coronavirus pandemic is a perfect storm for fraud.” The ACFE explains that fraud tends to increase when pressure, opportunity and rationalization are all present, and all three are present during the pandemic: employees feel more pressure in economically uncertain times, and when an opportunity to steal information presents itself they may rationalize it as necessary for their family's economic welfare. Fraud tends to increase during periods of economic instability and recession, according to the ACFE.



Account takeover occurs at both the personal and the corporate level. A personal account takeover involves a single person's credentials, most often exposed through that person's own behavior or a vulnerability on their personal device.

A corporate account takeover, by contrast, occurs when a thief steals a business's credentials, for example an employee's password or other login details. Penetrating the business's accounts may also expose customers' confidential information, putting many people at risk.



While criminals are becoming more sophisticated and adopting the latest technology, there are several effective measures you can put in place to prevent account takeover, including:

Monitor account activity and statements

Check your account activity and statements frequently and reconcile your accounts regularly. Set up alerts so that you are notified of specific kinds of transactions, such as large transfers or payments to a payee you have never used before. 26% of victims discovered identity theft by closely monitoring their accounts.
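As an added illustration, not code from the original article, the Python below shows what such monitoring looks like when automated. It reconciles a bank feed against the bookkeeper's ledger and applies the kinds of alert rule the article suggests: large amounts, payments to never-seen payees, and the cash-out channels listed earlier (ATM withdrawals, cryptocurrency purchases, payment-platform transfers) outside business hours, plus a daily outflow ceiling. The feed, the ledger, the payee list and every threshold are constructed assumptions.

```python
"""Reconcile a bank feed against the books and raise account-activity alerts.

Added example (not from the original article). BANK_FEED, LEDGER, KNOWN_PAYEES
and every threshold below are constructed or assumed for illustration.
"""
from collections import defaultdict
from datetime import datetime

# Constructed bank feed: what the bank says left the account.
BANK_FEED = [
    {"id": "B1", "ts": "2020-11-16T09:12", "type": "card", "payee": "Acme Supplies", "amount": 480.00},
    {"id": "B2", "ts": "2020-11-16T11:30", "type": "ach", "payee": "Northwind Paper", "amount": 1250.00},
    {"id": "B3", "ts": "2020-11-16T23:41", "type": "crypto_purchase", "payee": "QuickCoin Exchange", "amount": 3900.00},
    {"id": "B4", "ts": "2020-11-17T02:15", "type": "p2p_transfer", "payee": "j.doe.cash", "amount": 2400.00},
    {"id": "B5", "ts": "2020-11-17T10:05", "type": "atm_withdrawal", "payee": "ATM 4412", "amount": 800.00},
    {"id": "B6", "ts": "2020-11-17T14:00", "type": "wire", "payee": "Contoso Logistics", "amount": 7500.00},
]
# Constructed ledger: what the bookkeeper actually recorded.
LEDGER = [
    {"payee": "Acme Supplies", "amount": 480.00},
    {"payee": "Northwind Paper", "amount": 1250.00},
    {"payee": "Contoso Logistics", "amount": 7500.00},
]
KNOWN_PAYEES = {"Acme Supplies", "Northwind Paper", "Contoso Logistics"}
# Cash-out routes the article lists; worth a look whenever they happen after hours.
HIGH_RISK_TYPES = {"crypto_purchase", "p2p_transfer", "atm_withdrawal"}


def review(bank_feed, ledger, known_payees, *, large=5000.0, new_payee_min=1000.0,
           daily_outflow_limit=6000.0, business_hours=(8, 18)):
    """Return (tx_id, alert_kind, detail) tuples for anything that deserves a human look."""
    alerts = []
    # Multiset of (payee, amount) the books know about; each bank line consumes one entry.
    booked = defaultdict(int)
    for row in ledger:
        booked[(row["payee"], round(row["amount"], 2))] += 1
    daily_out = defaultdict(float)

    for tx in sorted(bank_feed, key=lambda t: t["ts"]):
        ts = datetime.strptime(tx["ts"], "%Y-%m-%dT%H:%M")
        tid, amt, payee = tx["id"], tx["amount"], tx["payee"]
        key = (payee, round(amt, 2))
        if booked[key] > 0:
            booked[key] -= 1                      # reconciled with the ledger
        else:
            alerts.append((tid, "unreconciled", f"{amt:.2f} to {payee} is not in the books"))
        if amt >= large:
            alerts.append((tid, "large_amount", f"{amt:.2f} to {payee}"))
        if payee not in known_payees and amt >= new_payee_min:
            alerts.append((tid, "new_payee", f"{amt:.2f} to never-seen payee {payee}"))
        off_hours = not (business_hours[0] <= ts.hour < business_hours[1])
        if tx["type"] in HIGH_RISK_TYPES and off_hours:
            alerts.append((tid, "high_risk_off_hours", f"{tx['type']} at {ts:%H:%M}"))
        day = ts.date()
        before = daily_out[day]
        daily_out[day] = before + amt
        if before <= daily_outflow_limit < daily_out[day]:   # fires once per day
            alerts.append((tid, "daily_limit_exceeded", f"{daily_out[day]:.2f} out on {day}"))

    # Ledger entries that never showed up in the bank feed (e.g. an uncashed check).
    for (payee, amt), n in booked.items():
        if n:
            alerts.append(("-", "booked_not_cleared", f"{n} x {amt:.2f} to {payee} not in bank feed"))
    return alerts


if __name__ == "__main__":
    for tid, kind, detail in review(BANK_FEED, LEDGER, KNOWN_PAYEES):
        print(f"{tid:3} {kind:22} {detail}")
```

The reconciliation key here is deliberately coarse (payee and amount); when the bank feed carries reference numbers, match on those instead so two identical payments are not confused. The after-hours rule assumes a single time zone for the business, which is an assumption to revisit if staff or the bank's feed use another.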

Protect all accounting documents

Keep confidential accounting documents and financial reports in a secure location, and do the same for invoices, signature equipment, checkbooks and any other physical tools that could be used to commit fraud.

Use only approved vendor listings

One of the best ways to prevent this kind of fraud is to work only with trusted vendors and third parties. Keep an up-to-date list of approved vendors and watch for any of the following:

  •  Emails or other communications from vendors whose name or email domain closely resembles that of an approved vendor
  •  Vendors that use only a post office box or have no physical address
  •  Vendors that send invoices without contact information
  •  Vendors whose address matches that of a current or former employee

Before taking on a new vendor, check references and reviews and vet them carefully.
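An added example, not part of the original article, of how an accounts-payable mailbox can check an invoice sender against the approved-vendor list automatically. It catches the "similar-sounding name" case from the list above in its usual email forms: an approved domain buried inside a longer one, letters swapped for lookalike digits or letter pairs, a one-character typo, and a non-Latin homoglyph. The vendor domains, the sample senders and the edit-distance threshold are constructed assumptions.

```python
"""Flag invoice senders whose domain imitates an approved vendor.

Added example (not from the original article). The approved-vendor domains and
the sample sender addresses are constructed; the edit-distance threshold is an
assumption to tune for your own vendor list.
"""
import unicodedata

# Constructed list of vetted vendor domains; only an exact match counts as approved.
APPROVED_VENDORS = {"acme-supplies.com", "northwind-paper.com", "contoso-logistics.net"}

# Characters attackers swap in because they look alike on screen.
SINGLE_CHAR_CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})
MULTI_CHAR_CONFUSABLES = (("rn", "m"), ("vv", "w"))


def normalize(domain):
    """Collapse lookalike spellings: case, digit/letter swaps, rn->m, vv->w, non-ASCII dropped."""
    d = unicodedata.normalize("NFKD", domain.lower().strip())
    d = d.translate(SINGLE_CHAR_CONFUSABLES)
    for seq, repl in MULTI_CHAR_CONFUSABLES:
        d = d.replace(seq, repl)
    # Non-Latin letters (IDN homographs) fall away here, so "acmе" with Cyrillic е becomes "acm".
    return d.encode("ascii", "ignore").decode()


def levenshtein(a, b):
    """Standard edit distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender(address, approved=APPROVED_VENDORS, max_distance=2):
    """Return (verdict, matched_vendor); verdict is 'approved', 'lookalike' or 'unknown'."""
    domain = address.rsplit("@", 1)[-1].strip().lower()
    if domain in approved:
        return "approved", domain
    # Approved domain embedded in a longer one: acme-supplies.com.evil.net, billing-acme-supplies.com
    for good in approved:
        if good in domain:
            return "lookalike", good
    # Near miss after confusable normalization: acrne-supplies.com, c0ntoso-logistics.net, northwind-papers.com
    norm = normalize(domain)
    best = min(approved, key=lambda g: levenshtein(norm, normalize(g)))
    if levenshtein(norm, normalize(best)) <= max_distance:
        return "lookalike", best
    return "unknown", None


# Constructed invoice senders to run through the check.
SAMPLE_SENDERS = [
    "invoices@acme-supplies.com",          # approved
    "billing@acrne-supplies.com",          # rn in place of m
    "pay@c0ntoso-logistics.net",           # digit zero in place of o
    "ap@northwind-papers.com",             # one extra letter
    "billing@acme-supplies.com.evil.net",  # approved domain used as a subdomain
    "hello@acmе-supplies.com",             # Cyrillic е (U+0435) in place of Latin e
    "sales@unrelated-widgets.org",         # genuinely unknown sender
]

if __name__ == "__main__":
    for sender in SAMPLE_SENDERS:
        print(f"{sender:40} -> {classify_sender(sender)}")
```

Two caveats for real mail: internationalized domains arrive as punycode (an "xn--" label), so decode them with Python's `idna` codec before calling `classify_sender`, and the distance threshold of 2 will produce false positives on very short domains, so tune it against your own vendor list. An "unknown" verdict is not a pass; it means the sender is neither vetted nor an obvious imitation and still needs the manual vetting described above.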

Conduct employee background checks

Unfortunately, much fraud is committed by the very people a business hires. Careful vetting and background checks before hiring can prevent some of it: unfavorable information in a candidate's criminal, credit or professional history may be a warning sign. Make sure you follow all applicable rules on employee background checks, including those in the Fair Credit Reporting Act.

Train employees in fraud prevention

Good employees are a primary barrier against account takeover. Even in times of economic uncertainty, try to maintain a staff that can act as the first line of defense against fraud. Invest in training your employees in fraud prevention and in other ways to safeguard your business accounts, including:

  •  Teaching them that your business will never send emails, to them or to customers, asking for usernames, passwords or account numbers
  •  Teaching them not to open emails or attachments from unknown senders
  •  Explaining that if they receive a communication that appears to come from a legitimate source and have questions, they should contact the sender through a phone number or address they already know rather than through a link in the message
  •  Instructing them never to install "anti-virus" software offered by a pop-up message claiming the computer is infected

Watch for warning signs of a compromised system

You and your employees should also know the warning signs that a system or account has been compromised, such as:

  •  You cannot log in with your credentials, or you get a message that your credentials were recently changed when you did not change them
  •  You receive password-reset or new-login notifications that you did not request
  •  Your system or account runs much slower than usual
  •  Your computer locks up while you are using it
  •  Your computer reboots or restarts unexpectedly
  •  You cannot shut down or restart your computer
  •  You receive unusual pop-up messages
  •  Your computer has new toolbars or icons
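The warning signs above, together with the brute-force and credential-reuse attacks described at the start of the article, leave traces in an authentication log. The Python below is an added example, not code from the original article, that scans such a log for three of them: a burst of failed logins followed by a success, a password or contact-detail change shortly after a login from an IP address never seen for that user (the step by which a fraudster silences statements and notifications), and one IP address failing against many different accounts (credential stuffing). The log format, the sample lines and the thresholds are constructed assumptions.

```python
"""Scan an authentication log for account-takeover warning signs.

Added example (not from the original article). The log format and every line in
SAMPLE_LOG are constructed for illustration; the thresholds are assumptions to
tune for your own environment.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: one event per line, "TIMESTAMP user=... ip=... event=...".
SAMPLE_LOG = """\
2020-11-16T08:00:00Z user=alice ip=198.51.100.4 event=login_ok
2020-11-16T08:05:00Z user=bob ip=198.51.100.9 event=login_ok
2020-11-16T09:00:01Z user=alice ip=203.0.113.7 event=login_failed
2020-11-16T09:00:32Z user=alice ip=203.0.113.7 event=login_failed
2020-11-16T09:01:04Z user=alice ip=203.0.113.7 event=login_failed
2020-11-16T09:01:40Z user=alice ip=203.0.113.7 event=login_failed
2020-11-16T09:02:15Z user=alice ip=203.0.113.7 event=login_failed
2020-11-16T09:02:50Z user=alice ip=203.0.113.7 event=login_failed
2020-11-16T09:03:30Z user=alice ip=203.0.113.7 event=login_ok
2020-11-16T09:10:00Z user=alice ip=203.0.113.7 event=email_changed
2020-11-16T10:00:00Z user=alice ip=203.0.113.9 event=login_failed
2020-11-16T10:00:01Z user=bob ip=203.0.113.9 event=login_failed
2020-11-16T10:00:02Z user=carol ip=203.0.113.9 event=login_failed
2020-11-16T10:00:03Z user=dave ip=203.0.113.9 event=login_failed
2020-11-16T12:00:00Z user=bob ip=198.51.100.9 event=password_changed
"""

# Changes a fraudster makes to lock the owner out or to stop notifications reaching them.
PROFILE_EVENTS = {"email_changed", "password_changed", "address_changed", "phone_changed"}


def parse(line):
    """Turn 'TIMESTAMP key=value ...' into a dict with a datetime under 'ts'."""
    ts, *pairs = line.split()
    rec = dict(p.split("=", 1) for p in pairs)
    rec["ts"] = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
    return rec


def analyze(log_text, fail_threshold=5, fail_window=timedelta(minutes=10),
            change_window=timedelta(hours=1), stuffing_users=3):
    """Return (timestamp, alert_kind, detail) tuples for three takeover patterns.

    brute_force_success         : >= fail_threshold failures for one user inside fail_window,
                                  then a successful login
    profile_change_after_new_ip : a PROFILE_EVENTS change within change_window of the first
                                  login from an IP never seen for that user before
    credential_stuffing         : one IP failing logins against stuffing_users distinct accounts
    """
    events = sorted((parse(l) for l in log_text.splitlines() if l.strip()), key=lambda r: r["ts"])
    alerts = []
    failures = defaultdict(list)        # user -> timestamps of recent failed logins
    known_ips = defaultdict(set)        # user -> IPs seen on earlier successful logins
    new_ip_login = {}                   # user -> time of the latest login from an unseen IP
    failed_users_by_ip = defaultdict(set)

    for r in events:
        user, ip, event, ts = r["user"], r["ip"], r["event"], r["ts"]
        if event == "login_failed":
            failures[user] = [t for t in failures[user] if ts - t <= fail_window] + [ts]
            failed_users_by_ip[ip].add(user)
            if len(failed_users_by_ip[ip]) == stuffing_users:      # fires once per IP
                alerts.append((ts, "credential_stuffing",
                               f"{ip} failed logins against {stuffing_users} different accounts"))
        elif event == "login_ok":
            recent = [t for t in failures[user] if ts - t <= fail_window]
            if len(recent) >= fail_threshold:
                alerts.append((ts, "brute_force_success",
                               f"{user}: {len(recent)} failures then success from {ip}"))
            failures[user].clear()
            if ip not in known_ips[user]:
                if known_ips[user]:      # the very first login only seeds the baseline
                    new_ip_login[user] = ts
                known_ips[user].add(ip)
        elif event in PROFILE_EVENTS:
            since = new_ip_login.get(user)
            if since is not None and ts - since <= change_window:
                minutes = int((ts - since).total_seconds() // 60)
                alerts.append((ts, "profile_change_after_new_ip",
                               f"{user}: {event} {minutes} min after first login from {ip}"))
    return alerts


if __name__ == "__main__":
    for ts, kind, detail in analyze(SAMPLE_LOG):
        print(ts.isoformat(), kind, detail)
```

On the constructed log this reports alice's six failures followed by a success, her email change six minutes after that first login from the new address, and the single IP that fails against three accounts in as many seconds; bob's password change from his usual address raises nothing. The first successful login per user seeds the "known IP" baseline, so run the scan over enough history before trusting the new-IP rule, and tune the thresholds to your own login volumes.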



If you suspect that an account has been taken over, act quickly. Stop using the computer that may be compromised and disconnect it from the network. Notify the bank or provider that holds the account that you believe it has been compromised, and ask them to verify the last few transactions. Disable online access to the account and set a new password from a device you trust. In some cases you will need to close the compromised account and open a new one.

Depending on the nature of the unauthorized activity, you may also need to:

  •  Check whether the address or email on the account was changed recently
  •  Check whether new checks or cards were ordered on the account
  •  Freeze new transactions until further notice
  •  Work with a computer forensics specialist to assess the impact on your systems and other accounts

Write a summary of what happened and when. Contact your local law enforcement agency and file a police report setting out the facts and circumstances of the unauthorized activity, and ask for a copy once it is filed; your business insurance provider may require it.


Account takeover can have serious consequences for your business. By following the steps above, you can guard against it proactively and limit the damage an account takeover could do.


Written by Ben Hartwig

Ben Hartwig is a web operations director at InfoTracer. He writes guides on marketing and overall cybersecurity posture and enjoys sharing best practices. You can contact the author via LinkedIn.

November 16, 2020
