Account Takeover Risks During Pandemic: Solutions for Small Businesses

In addition to fighting a deadly virus in real life, many businesses are also dealing with warding off computer viruses and other attacks like account takeovers during the pandemic. Account takeover fraud occurs when a criminal gains unauthorized access to an account and changes account information so that the true account owner is obstructed from accessing their own account or noticing suspicious activity.

Account takeover fraud can result in the loss of account access, as well as a possible disruption of your business services if client or customer information is infiltrated. Account takeover fraud – along with all types of other fraud schemes – is on the rise during the pandemic according to cybersecurity statistics. However, there are steps that you can take to minimize your exposure to this risk.

How Does Account Takeover Work?

The first way to prevent account takeover fraud is to know how it happens.

Account takeover usually occurs by a criminal making contact with a customer or business. The criminal may impersonate a business that the customer trusts and ask them to open a link, download a program, or update information that the criminal then uses to gain access to the account. Next, the criminal will make changes to the account, such as changing the address, email address, or phone number associated with the account. The criminal may use the account to make unauthorized purchases or to install malware on the customer’s computer to steal their identity.

Some examples of ways that criminals may commit account takeover include:

  • Credential stuffing – Credential stuffing occurs when a fraudster obtains part of a customer’s identifying information, such as their username, and then uses an automated program to try different passwords until the correct one is found.
  • Email account takeover – Email account takeover occurs when the fraudster gains access to a person’s or business’ email account through a data breach, such as by purchasing credentials on the dark web. Once the email account is taken over, the fraudster may use it to open new accounts or take over existing accounts associated with it, such as by resetting passwords to other accounts and having the new details sent to the hacked email account.
  • Replay attacks – A replay attack occurs when a fraudster intercepts information exchanged over a secure network and later re-sends or delays it to the victim in order to obtain confidential information.
  • Call center fraud – Call center fraud occurs when the criminal contacts a business, pretending to be the account owner, in order to trick a call center worker into granting him or her access to the account.

Corporate and Personal Account Takeovers: Differences and Consequences

Account takeover can occur to corporate or personal accounts. In a personal account takeover, the fraudster takes over an individual consumer’s account. In a corporate account takeover, the fraudster takes over a corporate account, such as a corporate credit card or business checking account. However, when a corporate account is taken over, there is an additional risk that the fraudster may also be able to access information about the business’ clients or customers if the business keeps their sensitive information tied to that account. This can place the business at additional risk of a costly data breach or of being found to have violated information security laws or other business standards of practice.

Account Takeover Fraud Risks

There are certain characteristics that can make a business more susceptible to account takeover fraud, such as:

  • Using unsecured networks – With so many people working from home now, your business systems may be at risk if people are accessing them from unsecured networks.
  • Outdated virus protection – Phones, tablets, computers, and other devices that are connected to your network are all potential access points to confidential information. Any device that is connected should be updated with the latest anti-virus software.
  • Hiring unknown people – Hiring during the pandemic can be difficult if you are unable to meet with the applicant in person. You may be trusting a stranger who will have access to your sensitive data.
  • Lack of employee training – Employees are the first line of defense against cyberattacks. Not educating and training your employees about potential cyber risks can make your company more vulnerable to takeover.

How Your Business Can Prevent Account Takeover Fraud

Fortunately, there are many steps that you and your staff can take to prevent account takeover fraud, including:

  • Provide training – Educate your staff on spotting and preventing phishing attacks. Give them tools to identify phishing attacks, such as an email lookup service that you can use to verify the email address of someone who has contacted your company. Let your staff know that you will never email them asking for confidential information about the business or its customers.
  • Protect your online environment – Use only secure networks and limit administrative privileges to those who need them.
  • Partner with your bank – Be sure that your bank has a clear process in place to help prevent and respond to unauthorized transactions.
  • Monitor account activity – You can set up alerts and other safeguards so that you are quickly notified of any suspicious activities and can respond promptly to these threats.
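One way to turn the monitoring advice above into concrete alerts, written here as an added example that is not from the original article or from InfoTracer: it scans a constructed login log for the credential-stuffing pattern described earlier (one source address failing against many different accounts) and for contact-detail changes made shortly after a login from an address the user has never used, which is the sequence described under how account takeover works. The event format, the thresholds and the baseline of known IPs are assumptions.

```python
from collections import defaultdict

# Constructed sample authentication log (not real data). Timestamps are seconds
# since the start of the monitoring window; the IPs are documentation ranges.
EVENTS = [
    {"t": 0,   "type": "login_failed",   "user": "alice", "ip": "203.0.113.7"},
    {"t": 3,   "type": "login_failed",   "user": "bob",   "ip": "203.0.113.7"},
    {"t": 5,   "type": "login_failed",   "user": "carol", "ip": "203.0.113.7"},
    {"t": 8,   "type": "login_failed",   "user": "dave",  "ip": "203.0.113.7"},
    {"t": 11,  "type": "login_success",  "user": "dave",  "ip": "203.0.113.7"},
    {"t": 40,  "type": "profile_change", "user": "dave",  "ip": "203.0.113.7", "field": "email"},
    {"t": 100, "type": "login_success",  "user": "erin",  "ip": "198.51.100.2"},
    {"t": 130, "type": "profile_change", "user": "erin",  "ip": "198.51.100.2", "field": "phone"},
    {"t": 300, "type": "login_failed",   "user": "frank", "ip": "198.51.100.9"},
    {"t": 330, "type": "login_success",  "user": "frank", "ip": "198.51.100.9"},
]
# Constructed baseline: addresses each user has previously logged in from (assumed).
KNOWN_IPS = {"dave": {"192.0.2.10"}, "erin": {"198.51.100.2"}, "frank": {"192.0.2.11"}}


def credential_stuffing_sources(events, window=60, min_failures=4, min_users=3):
    """Return source IPs whose failed logins within `window` seconds hit at
    least `min_users` distinct accounts: one source guessing across many users."""
    by_ip = defaultdict(list)
    for e in events:
        if e["type"] == "login_failed":
            by_ip[e["ip"]].append(e)
    flagged = set()
    for ip, fails in by_ip.items():
        fails.sort(key=lambda e: e["t"])
        for i, start in enumerate(fails):          # slide a window over the failures
            in_window = [f for f in fails[i:] if f["t"] - start["t"] <= window]
            users = {f["user"] for f in in_window}
            if len(in_window) >= min_failures and len(users) >= min_users:
                flagged.add(ip)
                break
    return flagged


def suspicious_profile_changes(events, known_ips, window=600):
    """Flag email/phone/address changes made within `window` seconds of a
    successful login from an IP the account has never used before."""
    alerts = []
    new_ip_login = {}   # user -> time of most recent login from an unfamiliar IP
    for e in sorted(events, key=lambda e: e["t"]):
        if e["type"] == "login_success" and e["ip"] not in known_ips.get(e["user"], set()):
            new_ip_login[e["user"]] = e["t"]
        elif (e["type"] == "profile_change" and e["user"] in new_ip_login
              and e["t"] - new_ip_login[e["user"]] <= window):
            alerts.append((e["user"], e["ip"], e["field"]))
    return alerts
```

On the sample log only 203.0.113.7 is flagged as a stuffing source, and only dave's email change is flagged, since erin changed her phone number from an address already on her baseline.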

How to Respond to Account Takeover Fraud

If your corporate account has been taken over, work quickly with your financial institution to reclaim your account. If any customer information has been compromised, you will need to inform impacted customers and consult your cybersecurity response plan.


While the pandemic has encouraged account takeover and other forms of fraud, a clear plan and dedication to cyber

Author’s BIO: Ben Hartwig is a web operations director at InfoTracer. He authors guides on marketing and overall cybersecurity posture and enjoys sharing best practices. You can contact the author via LinkedIn.