Fermanagh Customers: Our office is temporarily closed for renovations and will reopen mid-March. Find Other Locations
Call: 717-436-2144
Pennian Bank logo in white
Call: 717-436-2144
Digital Banking Login

Account Takeover Fraud: What It Is, Why It Matters, and How We Can Help Protect You

Posted on January 15, 2026 in Security

In an increasingly digital world, connectivity and convenience have transformed the way people bank. However, these conveniences also create new opportunities for fraudsters. One of the fastest-growing forms of financial crime today is called account takeover fraud. Since January 2025, account takeover fraud losses totaled more than $262 million and the FBI Internet Crime Complaint Center (IC3) reported more than 5,100 complaints.

What is Account Takeover Fraud?

Account takeover fraud occurs when a criminal gains unauthorized access to a customer’s bank account. Once they gain access they can gather personal information, steal funds and even make fraudulent payments. Account takeover fraud can go undetected for days or weeks which can lead to deeper financial and emotional harm for the victim.

Ways Cyber Criminals Can Gain Access to Your Accounts

  • Phishing and Social Engineering
    Fraudsters impersonate trusted organizations such as banks, merchants, or even bank employees either through emails, text messages or phone calls. Their goal is to trick customers into sharing login credentials, one‑time passcodes, or personal details.
  • Credential Stuffing
    Criminals attempt to log in to banking accounts using usernames and passwords obtained from data breaches. They assume customers will reuse passwords across several sites.
  • Malware and Spyware
    Malicious software installed on a customer’s device can capture keystrokes or collect login information without the customer realizing it.
  • SIM Swap Fraud
    This is a growing tactic where the criminals hijack a customer’s phone number, allowing them to intercept authentication codes sent via text message.

What You Can Do to Protect Yourself

  • Be cautious about the information you share on social media. Hackers may use that information to guess passwords or answer security questions.
  • Use strong, unique passwords for banking and email. In addition, we recommend using multi-factor authentications (MFA), especially methods that go beyond SMS-only verification, which creates an extra layer of defense.
  • Use Bookmarks or Favorites to navigate to login websites. Clicking on website received through email or text messages could redirect you to a fraudulent page.  
  • Enable account alerts for logins and transactions.
  • Keep devices and apps updated.
  • Review account activity regularly.
  • Report suspicious messages immediately. If you suspect ATO fraud, reach out to us immediately.

It is our goal to help keep your accounts secure by combining smart technology, proactive monitoring, and providing ongoing education.

For additional information, visit www.ic3.gov for updated Industry Alerts and Public Service Announcements regarding Account Takeover fraud trends, as well as other cyber-enabled fraud schemes. If you think you have been a victim of fraud, contact our Customer Care Center.

Related Posts
Avoid COVID-19 Scammers Posted on March 31, 2020 in Security Continue Reading
Cybersecurity Tips for Consumers Posted on September 23, 2020 in Security Continue Reading
Live chat is initializing
Live Chat