Americans face mounting risk of hackers taking over brokerage accounts, regulators say
Ref: Account Takeover 2021 Annual Report: Prevalence, Awareness and Prevention – Security.org
The Financial Industry Regulatory Authority, the brokerage industry’s self-regulatory body, said in a recent notice that it has “received an increasing number of reports regarding customer account takeover incidents, which involve bad actors using compromised customer information, such as login credentials, to gain unauthorized entry to customers’ online brokerage accounts.”
Awareness of Account Takeovers
Nearly three-quarters of U.S. adults are aware of account takeovers, while 18 percent are unaware, and nine percent are unsure.
How Many People Have Had Account Takeovers?
According to security.org research, 22 percent of U.S. adults have had their accounts taken over. As there are 110 million internet-enabled households in the U.S., that means that approximately 24 million U.S. households have experienced account takeovers.
What Types of Accounts Were Taken Over?
Of the accounts taken over, the majority were social media accounts at 51 percent. Banking accounts comprised 32 percent of account takeovers, while email and messaging platforms comprised 26 percent. Moreover, research indicated that 80 percent of the accounts taken over were personal, while only 13 percent were business accounts only. Altogether, 93 percent of accounts taken over were personal accounts or a combination of business and personal accounts. Of the financial losses from account takeovers, over 80 percent of respondents recovered the funds, compared to 16 percent who were unable to recover the money.
How to Prevent Account Takeovers
Given the large increase in account takeovers throughout the global pandemic, the account takeover market is increasing with it. Business and personal internet users can lessen the likelihood of account takeovers by choosing strong passwords for their accounts and adding multi-factor authentication and security questions when available.
• Using different usernames and passwords for various accounts; DO NOT mix user names and passwords for Social media, email and Financial accounts or, better yet, a password manager, can help.
• Get suspicious login alerts if they’re available. Ask the companies you do business with to offer suspicious login alerting so that you can stop an account takeover before it becomes a massive headache.
• Add security questions or advanced authentication to accounts to prevent unauthorized access.
• Read this to understand various authentication options with their pros and cons. Two-Factor and Multi-Factor Authentication: How to Prevent Identity Theft – Security.org