
Account Takeover

Account takeover is different from new-account fraud. The criminal doesn't open a new account in your name — they gain access to an account you already have (bank, brokerage, retirement, email) and take control of it.

How account takeover happens

  • Credential stuffing. Criminals use leaked username/password combinations from data breaches. If you reuse passwords, one breach compromises many accounts.
  • Phishing. You click a link, enter your credentials on a fake login page, and the criminal captures them.
  • SIM swapping. The criminal convinces your mobile carrier to transfer your phone number to their SIM. They then intercept your 2FA codes.
  • Social engineering. The criminal calls customer service, pretends to be you, and convinces the rep to reset your password or change your contact info.
  • Malware. Keyloggers or screen-capture malware on your device record your login credentials.

Signs of account takeover

  • Password-reset emails you didn't request.
  • Login alerts from unfamiliar locations or devices.
  • Your password stops working.
  • Transactions you didn't authorize.
  • Contact information changed without your knowledge (email, phone, address).
  • Your phone suddenly loses service (SIM swap).

Immediate steps if you've been taken over

  1. Secure the account. If you can still log in, change your password immediately. Enable MFA if it wasn't already on. Revoke any unfamiliar authorized devices or sessions.
  2. Contact the institution. Call the bank, brokerage, or service provider immediately. Tell them your account has been compromised. Ask them to freeze the account and reverse unauthorized transactions.
  3. Secure your email. If your email was compromised, the attacker can reset passwords for every account linked to it. Change your email password first, enable MFA, and review recovery settings.
  4. If SIM swapped: Contact your mobile carrier immediately. Ask them to port your number back and add a PIN or passcode requirement for future changes.
  5. File a police report — especially if significant money was taken.
  6. File an FTC report at IdentityTheft.gov.
  7. Change passwords on every account that shared the compromised password.

Recovery rights

For bank accounts, Regulation E limits your liability for unauthorized electronic fund transfers — but you must report the fraud promptly. Report within 2 business days of learning of the theft and your liability is capped at $50. Wait longer and it goes up.

For credit cards, Regulation Z caps liability at $50 for unauthorized charges — and most issuers offer zero liability.

Prevention

  • Use a password manager with unique passwords for every account.
  • Enable MFA everywhere — preferably an authenticator app, not SMS.
  • Set a PIN with your mobile carrier to prevent SIM swaps.
  • Enable login alerts so you're notified of access from new devices.
  • Never click links in unsolicited emails. Go directly to the site.

Credit-report connection

Account takeover usually doesn't create new tradelines — but if the criminal opens new credit lines from your existing account (like a credit-card balance transfer or a line-of-credit draw), that activity may show up. If you see unfamiliar credit activity, freeze your credit and follow the dispute process.