Deep dive: Exploring the latest account takeover fraud statistics [2025]

What is account takeover fraud?

Account takeover fraud (ATO) is when fraudsters gain access to a customer’s account without their permission, a type of identity theft. Any online account can be targeted, with the potential for huge financial damage. 

In committing ATO fraud, a criminal actor will go through two steps. First, the fraudster gains access to the victim’s account by deploying stolen account information or information they’ve bought.

Once a fraudster has gained access, they will make non-monetary changes to the account. These include:

• Changing the victim’s personally identifiable information,
• Requesting a new card
• Adding an authorized user
• Changing the password

The fraudsters can then make a series of unauthorized transactions that appear legitimate. Alternatively, they may sell the confirmed account or the customer’s data to someone else.

Utilizing these illicitly obtained credentials on a large scale constitutes credential stuffing. Credential stuffing is one of the most common techniques for taking over user accounts. Credential stuffing is dangerous to consumers and enterprises because of the ripple effects of these breaches. One of the other challenges is the common practice of users utilizing identical passwords and usernames/emails across multiple platforms. If these credentials are compromised through means such as a database breach or phishing scheme, inputting these stolen credentials into numerous other websites can potentially grant an attacker access to those accounts as well.

ATO in 2025: Key trends and findings

The Veriff Fraud Report 2025 reveals critical insights into how the ATO threat is evolving:

• In 2024, account takeovers and multi-accounting surged, with cybercriminals exploiting stolen credentials and promotions. Account takeover cases increased by 13% compared to 2023, and multi-accounting saw a 10% increase year-on-year.
• 1 in 3 attacks leveraged AI-generated deepfakes or synthetic data to bypass detection
• Session hijacking and synthetic identity fraud were commonly paired with ATO tactics
• LATAM and US regions faced the sharpest increases, especially in financial and gaming sectors

Why is ATO rising so fast?

Credential stuffing at scale

Hackers use leaked credentials from past data breaches to fuel bots that test login combinations across countless platforms. This process is fast, automated, and highly effective, especially when users reuse passwords.

Weak or outdated MFA

Many organizations still rely on SMS-based multi-factor authentication (MFA), which can be easily bypassed through SIM swapping. Without robust identity verification, these vulnerabilities are prime targets for attackers.

AI-driven fraud techniques

Cybercriminals have turned to generative AI to enhance their tactics, creating realistic deepfakes, mimicking legitimate user behavior, and spoofing biometric data. Traditional detection methods are quickly becoming ineffective against these advanced techniques.

Recent reports show a staggering 2,100% rise in fraud attempts involving deepfakes over just three years. Criminals are no longer limited to phishing or stolen credentials—they’re now leveraging AI-generated audio and video impersonations to outsmart even the most advanced verification systems.

Forge identification documents

Spoof biometric systems like facial and voice recognition

While the financial industry bears the brunt, this growing threat impacts all sectors. Combating synthetic identity fraud demands multi-layered defenses, including AI-enhanced liveness detection, real-time behavioral monitoring, and cross-industry fraud intelligence sharing.

Identity infrastructure gaps

Outdated fraud detection systems and fragmented verification processes leave gaps that fraudsters exploit, particularly in industries rapidly adapting to digital transformation.

Techniques behind ATO attacks

Cybercriminals in 2025 employ increasingly advanced techniques to execute account takeover (ATO) fraud at scale. Phishing and spear phishing campaigns impersonate trusted brands or individuals to trick users into revealing their login credentials, while AI-enhanced credential stuffing uses machine learning to automate and optimize password-guessing attempts across multiple platforms. Meanwhile, malware and device hijacking tactics like keyloggers and remote access trojans silently collect sensitive data or hijack user sessions. 

According to Veriff Ifentity Fraud Report 2025, one of the most dangerous evolutions in this space is emulator-based ATO, where fraudsters use sophisticated software to mimic real devices, bypassing traditional security measures like device fingerprinting and behavioral analytics. These emulators allow attackers to simulate trusted environments, making unauthorized access appear legitimate, and enabling high-volume, stealthy takeovers that can lead to severe financial and reputational damage.

A parallel and increasingly prevalent threat is Business Email Compromise (BEC) — a rapidly expanding ATO subtype. As highlighted in recent findings, BEC schemes exploit compromised or spoofed business email accounts to manipulate employees, particularly within finance teams, into authorizing fraudulent transactions. Common tactics include domain spoofing, social engineering, and fake invoices or wire transfer requests. These attacks are surging in frequency and sophistication, with BEC losses estimated to have reached billions globally in 2025. The scale of this threat underscores the urgency of implementing strong ATO prevention strategies, including robust email authentication, vigilant employee training, and multi-factor authentication.

The rising cost of inaction: Account takeover fraud in 2025

​Account Takeover (ATO) fraud continues to be a significant and escalating threat, resulting in substantial financial losses worldwide. Recent data underscores the severity of this issue:​

• Global financial impact: In 2023, ATO fraud led to nearly $13 billion in losses, marking an increase from $11 billion in 2022. ​Sift+1SpyCloud+1
• Projected future losses: By 2025, financial losses from ATO fraud are projected to reach $17 billion globally. ​VPNRanks+1IDStrong+1
• Rising incidence rates: The frequency of ATO attacks surged by 24% year-over-year in 2024. ​SpyCloud

These figures highlight the critical need for robust cybersecurity measures and proactive strategies to mitigate the growing risk of ATO fraud.

Combating ATO in 2025: Veriff's best practices

Building trust goes beyond merely protecting accounts—it’s about safeguarding digital identities at every touchpoint. By leveraging machine learning to assess transaction risk, detect anomalies, and profile user behavior at scale, IDV providers like Veriff offer an essential line of defense against the complex, AI-enhanced ATO attacks that are surging across digital commerce. As fraud techniques become more evasive, the consolidation of AI talent and technology in the fraud prevention space reflects an industry-wide push to stay one step ahead. Veriff offers advanced solutions like AI-powered identity verification, enabling accurate fraud detection and risk scoring during onboarding and high-risk interactions. With biometric authentication enhanced by liveness detection, users gain secure, automated access to digital services while preventing deepfakes, spoofing, and account takeovers. Behavioral analytics monitor patterns such as device usage and location changes to detect anomalies in real time, while fraud intelligence networks help flag emerging threats across regions. Additionally, educating customers on strong password practices, phishing awareness, and the importance of multi-factor authentication ensures a more secure digital ecosystem.

Veriff has unveiled the latest enhancements to its Biometric Authentication solution, expanding its product offering.

Key features of the Biometric Authentication solution update include:

• Increased conversion - Improved image resolution for better face-matching accuracy and enhanced detail capture in biometric templates.
• Improved fraud detection - Analysis of 30+ risk signals across behavioral, device and network parameters improve accuracy and the ability to combat more sophisticated fraud attempts.
• Deepfake and synthetic media detection - Veriff improved face liveness checks for synthetic and AI-generated media detection.
• User identity-based authentication - another step towards user-centric digital identity to ensure a secure and seamless user experience.
• Actionable insights - With more detailed insights, customers are equipped with specifics about what took place during the authentication journey.

Veriff’s role: Trust at the core of digital identity

ATO fraud challenges businesses to rethink identity as the new security perimeter. That’s why Veriff has built a modular, AI-enhanced identity verification and fraud prevention ecosystem that’s:

• Trusted by global fintechs and digital banks
• Built for flexibility across high-risk industries like gaming and financial services
• Scalable across LATAM, EMEA, and the US with 12,000+ documents supported in 48 languages​
• Designed for conversion and growth, with fraud detection rates rising up to 90% in some cases​

Strengthening ATO fraud defenses through Biometric Verification

In a time when Account Takeover (ATO) fraud is surging—up 13% year-over-year according to theVeriff Identity Fraud Report 2025—Kueski’s partnership with Veriff highlights the growing importance of secure and user-centric identity verification. As fraudsters increasingly use AI-generated deepfakes, stolen credentials, and emulator-based attacks to exploit financial services, Kueski’s integration of Veriff’s biometric and behavioral risk assessment technologies is helping to safeguard user accounts at scale. This collaboration not only reduces friction for legitimate users but also reinforces defenses against evolving ATO threats, ensuring trust remains at the core of every interaction.

Building a safer internet starts with trust

Veriff exists to restore trust online, enabling businesses to scale with confidence and users to feel secure at every interaction. In a world where ATO fraud is evolving rapidly, proactive defense is no longer optional—it’s essential.

🔎 Ready to dive deeper into the latest fraud trends?
Download the Veriff Fraud Report 2025 to uncover what’s next and how to prepare.