
The latest figures from the FBI are a wake-up call for all business leaders: Over $262 million in losses due to account takeover (ATO) fraud this year alone. The perpetrators? Highly organized cybercriminals who systematically gain access to the bank accounts of companies and individuals – not through brute force, but through perfidious exploitation of trust. The method: social engineering. The goal: unrestricted access to business-critical data and assets.
What sounds like a scenario from a thriller is already a daily reality for companies worldwide – and the threat is growing rapidly. Supported by artificial intelligence and professionally organized infrastructures on the dark web, criminal groups are often several steps ahead of corporate IT departments. Their attacks are not only scalable but also highly personalized – and therefore particularly successful.
For CEOs, CISOs, and CFOs, it is therefore crucial to understand security responsibility not merely as a technical task of IT, but as a fundamental component of strategy, risk management, and corporate responsibility. But what does this mean in practical terms?
In the following, we analyze how current fraud scenarios work, where the biggest security gaps in companies exist today – and, above all, how companies can address these risks preventively and sustainably with the support of ProSec.
Account Takeover (ATO) refers to attack methods in which criminals gain access to digital accounts – typically online banking, personnel portals, or accounting software. What used to involve simple password phishing has now become a multi-stage deception operation centered on human error.
Cybercriminals impersonate employees of banks, police, or IT service providers and systematically trick their victims into revealing login credentials, one-time codes, or even answers to security questions. Particularly insidious: even two-factor authentication (e.g., "TAN via app") is now being circumvented through deceptive telephone dialogues in which the victim is talked into reading out or approving the code – making the human the weakest link in the chain.
Furthermore, the use of AI allows attackers to simulate deceptively realistic emails, landing pages, and even complete support chats – with the aim of imitating entirely legitimate user behavior. The classic phishing link is now just one element among many in an orchestrated attack.
That ATO is no longer an isolated risk is demonstrated by the reality of investigations: over 5,100 reports filed with the FBI this year alone, resulting in $262 million in losses, and rising. Particularly alarming is the fact that a large proportion of these incidents specifically target companies – often small and medium-sized enterprises with limited internal security budgets.
The fraudulent practices are as varied as they are insidious:
Once compromised, criminals have access to all linked functions: payment processing, order management, personnel databases. Within a very short time, accounts are emptied, customer contacts compromised, or payment instructions manipulated to transfer money to crypto wallets.
In total, this creates a systemic risk far beyond the direct monetary damage: loss of reputation, breaches of trust with customers, and a visible loss of standing in the market.
The current situation is worsening in the run-up to Christmas. Cybersecurity firms Darktrace, Flashpoint, and Forcepoint report that fraud campaigns specifically targeting consumer behavior around Black Friday and the Christmas shopping season are currently particularly active.
For companies, this means not only an increased risk of employee absences or IT incidents due to compromises – above all, such incidents jeopardize customer trust. Now more than ever, it is crucial that companies develop an adaptive, risk-oriented, and human-centered security strategy.
What is still considered standard practice in many companies – firewalls, endpoint protection, password policies – only addresses technical and administrative aspects. ATO and social engineering attacks, on the other hand, target the most vulnerable point: the individual employee who, in the stress of everyday work, cannot reliably tell whether a given link, call, or token is legitimate or malicious.
This gap between technology and behavior offers attackers an ideal entry point – and is further widened by hybrid working models, cloud services and distributed access points (also through service providers).
Furthermore, many companies underestimate the fact that internal processes – such as account recovery or password reset – are often inadequately protected against misuse. An attacker who is familiar with the company's fundamental IT processes (e.g., through previous data leaks or insider information) can launch an attack that conforms perfectly to those processes and therefore raises no suspicion.
The good news is that companies are not powerless in the face of this situation. On the contrary, a realignment of their understanding of security presents a great opportunity not only to become more resilient but also to strategically strengthen the trust of customers, partners, and investors.
This includes, in particular, the following areas of action:
As one of Germany's leading security consulting firms, ProSec offers exactly the support that companies need today – not as a tool provider, but as a strategic sparring partner for IT security, economic protection and operational resilience.
Our services include:
Because true security doesn't come from more technology – but from greater clarity, accountability, and a prepared response. That's precisely where ProSec comes in.
Act now – before others do
The threat is real, measurable, and particularly affects those companies that have not established a comprehensive security strategy in recent years. ATO and AI-supported fraud schemes are expressions of a new digital arms race – one that only those who think proactively and act systematically can withstand.
Contact us to jointly analyze where your organization stands today, which processes are at risk – and how you can become resilient.