Phishing

Introduction Account Takeover Fraud (ATO) occurs when cyber criminals gain unauthorized access to a victim’s accounts. Commonly, this happens as a result of phishing, social engineering, data breach, or malware. Criminals may target a variety of accounts including eCommerce, social media, and financial services, often with the goal of financial gain. In 2024, according to the Veriff Fraud Report 2025, ATO fraud increased 13% over 2023. When carrying out phishing campaigns, cyber criminals will often utilize phishing kits to simplify the process. These are collections of resources and tools that ease the deployment process, effectively lowering the barrier to entry, enabling less technical individuals to launch attacks. Often, these kits contain spoofed login pages and the scripts needed to receive stolen data, including credentials and personally identifiable information (PII). In recent years, according to IBM, technology brands such as Microsoft and Google have been the most targeted, followed by financial services such as Visa and Mastercard. ...