Fraudulent Account Takeovers Increase in the UK

Sep 30, 2019


Account takeover cases in the UK are on the rise. An account takeover is a form of identity theft where criminals illegally access bank accounts, credit cards, or online e-commerce accounts with the use of bots or other techniques. Once they have access, they can illegally shop and carry out fraudulent transactions from the compromised accounts.

During the first half of 2019, the value of alleged fraud was down 7.5% when compared with the same period from the previous year but the number of account takeovers grew an alarming 57 percent. This is a huge cause for concern.

Understanding Account Takeovers

Data was analysed from 217 cases of alleged fraud from the first half of 2019 to identify trends in the illegal activity. The most alarming takeaway is that four cases involved repeat offenders totaling £2.6m in new charges, indicating that cybercrime is becoming more commercialised.

Account takeovers can be accomplished in a variety of sneaky ways, including email, text messages, and smartphone apps all in the pursuit of obtaining the personal data that will allow them access to your accounts.

Some scammers even run involved schemes where they will pose as a legitimate company until they have access to your bank details. This often happens when a business feels that their computers have already been compromised and are looking for help removing viruses or upgrading security features.

Sometimes, account information is obtained simply from credential cracking. This is when fraudsters use the information they know about you or commonly used passwords to gain access to your accounts.

Once your account information has been taken over, scammers will oftentimes sell your information on the dark web. Other scammers will then purchase these account details in mass and automatically try them on several different websites to see if that account information was used more than once on other websites.

How to Minimise Account Takeover Risk

While it may seem obvious, being cautious with your account details can sometimes be taken for granted, especially when the scammers are the ones offering the “solution”. Sometimes, it’s not even a matter of whether or not you freely give out your information.

To help protect yourself against cybercrime, you should have a unique password for every account that you have. Your passwords should include lowercase and capital letters, numbers, and special characters such as asterisks and hashtag symbols. Your password should not have anything to do with you personally, such as children or pet names, birth dates, or where you live.

You should also always research companies before providing any account details and never provide passwords. Any security company you use should have a website, legitimate online reviews, and preferably a BBB page. If you are approached by a company, there is a possibility that they are scammers and you should seek other options for your security concerns.

While most account takeovers come from outside sources, you should still follow due diligence when hiring employees, especially if they are filling a financial role.

In Summary

The Cyber-Attacks (Asset-Freezing) Regulations 2019 (SI 2019/956), enforced in June, requires banks to repay stolen funds that are the result of account takeover to customers. While this is a step in the right direction, you should still be stalwart about protecting your account information.

Account scammers are only becoming more creative with their methods for accessing your account, so each business needs to be more cautious in turn whenever they are asked for any account information.

Let us help you get a high risk merchant account today!

Get Started

Award winning.

  • 2012
  • 2013
  • 2014
  • 2015
  • 2016

Having a merchant account allows an account holder to take advantage of merchant cash advances. When a merchant is approved for an advance, the business agrees to receive a lump sum of cash in exchange for an agreed-upon percentage of future credit card sales.

Pricing varies depending on the merchant’s industry, past credit card processing history, the type of business seeking the account, average ticket sales, and average transaction volumes.

Yes, EMB works with merchants who are building their credit, as well as those who have poor credit. EMB also approves merchants that have no credit card processing history and businesses that have lost their merchant accounts due to high chargebacks.

Several factors influence a merchant’s risk level. Though only one factor likely will not get a merchant classified as high risk, a combination of these may: business size, location, and industry, credit score, credit card processing history, a industry’s reputation for excessive chargebacks, a prior history of high chargeback ratios, and whether a merchant exclusively sells online.

Virtual terminals are stationed on a merchant’s website, making it easy for customers to make a payment or purchase online. Merchants or a payment processor can easily set up virtual terminals, so online businesses can accept credit and debit card and e-check transactions.

A merchant account is a business account with an acquiring bank. Without this business account, which actually works more like a line of credit, a merchant cannot accept and process credit and debit card transactions. Businesses need a merchant account to accept major credit cards via a static point-of-sale terminal, mobile card reader, or through a virtual payment gateway.

After filling out EMB’s simple online application and submitting any necessary, requested documents, many merchants get approved within 24 and 48 hours.

EMB specializes in working with high-risk merchants. EMB works with many merchants, including but not limited to businesses in these industries: gambling and gaming, adult entertainment, nutraceuticals, vaping and e-cigarettes, electronics, tech support, travel, high-end furniture, weight loss programs, calling cards, e-books and software, and telecommunications.

Live Chat