July 2, 2026
Last Updated: June 1, 2026
Account takeover (ATO) fraud happens when a criminal gains access to a legitimate account and uses it to move money, steal data, or commit further fraud. The entry points vary, from credential stuffing and phishing to social engineering, but the outcome is the same, i.e a real account with real funds under criminal control.
For payment companies, a compromised account is rarely the end of the story. It's the starting point for unauthorized push payment transfers, mule account seeding, and transaction laundering, all of which fall within the liability of the issuer, acquirer, or payment facilitator whose infrastructure the funds moved through.
The account takeover fraud statistics below track where ATO is growing, what it actually costs, which sectors absorb the most damage, and what four years of trajectory data tells us about where things are heading.
ATO doesn't hit all sectors equally. The account takeover fraud statistics from CIFAS, LexisNexis, and TransUnion point to three distinct industry exposures, each connected to the others in ways that directly affect payment companies.
Financial services faces the highest fraud multiplier, the most fraud-exposed customer touchpoint, and the most constrained defense posture. LexisNexis's True Cost of Fraud 2025 study found that 39% of financial institution fraud occurs at the login and access stage, the direct ATO entry point. The same study puts the fraud cost multiplier for financial institutions above $5 per dollar lost. Javelin's research identifies ATO as the single largest component of identity fraud, accounting for $15.6 billion of the $27.2 billion in total US identity fraud losses in 2024.
Telecoms is the sector CIFAS data identifies as the accelerating entry point. A 105% rise in ATO cases in the UK telecoms sector in 2024, with mobile phone accounts making up 48% of all ATO filings, isn't coincidental. Telecoms accounts aren't targeted for their own value; they're targeted because they hold the mobile authentication credentials that unlock banking and payment accounts further down the chain. By H1 2025, telecoms accounted for 69% of all UK account takeover cases, up from 40% in 2024, with the financial damage landing squarely on payment institutions.
Digital account creation has emerged as a third high-risk zone. TransUnion's 2025 data showing 8.3% of digital account creation attempts as suspected fraud, the highest-risk stage across the entire customer lifecycle, reflects a deliberate upstream move. Fraudsters are embedding compromised or synthetic identities during onboarding, creating dormant accounts that look legitimate until they're activated for fraud. For payment companies running high-volume digital onboarding, this risk doesn't show up in transaction monitoring until significant damage has already been done.
Most ATO statistics report the direct accounting loss, covering amounts stolen, transferred, or reversed. The Federal Reserve puts US ATO losses at $15.6 billion for 2024, and the FBI IC3 PSA identifies $262 million in ATO fraud losses in the first ten months of 2025 alone. These figures are significant, but they're also incomplete.
LexisNexis Risk Solutions' True Cost of Fraud Study 2025, based on a survey of 507 fraud and risk executives across North American financial services and lending organizations, measures what comes after the headline loss. Investigation time, compliance and regulatory reporting, customer remediation, reputational damage, and friction on legitimate transactions all accumulate on top of the direct loss figure.
All told, every $1 of fraud loss now costs North American financial institutions more than $5 in total operational impact. That multiplier has grown 25% since 2021, when it sat at $4. Applied to the Federal Reserve's $15.6 billion figure, the true operational cost absorbed by US financial institutions from ATO in 2024 is closer to $78 billion.
That reframe matters for how you approach fraud detection investment. A $15.6 billion headline loss points to one cost-benefit calculation. A $78 billion true operational impact points to a very different one.
The industry claims, and cost analysis above, are grounded in the following verified data points. Each stat is sourced from a primary research organization or government body, not aggregated from secondary roundup pages:
1. US account takeover fraud losses exceeded $15.6 billion in 2024, up from $12.7 billion in 2023. FinCEN Suspicious Activity Report filings for ATO increased 36% in 2024 versus 2023, filed by regulated financial institutions under legal obligation, not a voluntary survey.
2. Since January 2025, the FBI's IC3 received 5,100+ ATO complaints with losses exceeding $262 million, all involving criminals impersonating financial institutions.
3. Account takeover accounted for $15.6B of $27.2B in total US identity fraud losses in 2024, a 19% increase in total losses year-on-year, with ATO as the single largest component.
4. ATO victims in the US increased 18% in 2025, rising from 5.1 million to 6 million. Victims spend an average of 17 hours resolving their fraud, the highest resolution burden of any fraud type Javelin tracks.
5. Javelin identifies ATO as financial institutions' greatest ongoing fraud risk, with ATO losses increasing 13% year-on-year in 2023 even as the number of incidents declined; fraudsters are extracting more per compromised account, not merely attacking more accounts.
6. In 2025, 8.3% of creation attempts across digital account opening flows were suspected fraud, making account creation the highest-risk stage in the customer lifecycle, ahead of both transaction activity and account access.
7. 20% of FI leaders globally cited ATO as their greatest single source of fraud loss in the past year, second only to scam and authorized fraud at 24%.
8. Looking back further, digital ATO volume surged 141% from H1 2021 to H1 2025, nearly two and a half times the volume recorded four years prior. (TransUnion H2 2025 Global Fraud Report)
9. In the most recent measured period, digital account takeover volume grew 21% from H1 2024 to H1 2025, confirming the growth rate is holding, not softening. (TransUnion H2 2025 Global Fraud Report)
10. 29% of consumers across 18 countries reported losing money to digital fraud in the past year, with a median loss of $1,747 per victim.
11. Every $1 of fraud now costs North American financial institutions $5 per dollar lost, a 25% increase from the $4 multiplier recorded in 2021, covering investigation, compliance, remediation, and reputational damage beyond the headline loss.
12. Among US financial services firms, 39% of fraud occurs at account login or access, ahead of both transaction activity (31%) and new account creation (30%). (LexisNexis True Cost of Fraud 2025)
13. 44% of North American financial institutions still primarily rely on manual fraud prevention processes, hesitating to adopt automation and AI despite rising attack volumes. (LexisNexis True Cost of Fraud 2025)
14. In the UK, 78,000 cases in 2025 were filed as account takeovers to the National Fraud Database, representing 18% of all fraud filings and a 6% increase from 2024.
15. The UK National Fraud Database recorded more than 444,000 fraud cases in 2025, the highest ever recorded in a single year, with 72% linked to identity fraud and account takeover combined. (CIFAS Fraudscape 2026)
16. In 2024, the UK telecoms sector recorded a 105% telecoms ATO rise in account takeover cases, with mobile phone accounts making up 48% of all ATO filings.
17. A record 421,000+ fraud cases were filed to the UK National Fraud Database in 2024, a 13% increase and the highest on record at the time. (CIFAS Fraudscape 2025)
18. In H1 2025 alone, the UK recorded 38,000 ATO cases, representing 18% of all NFD filings. Bank accounts drove 73% of facility takeover cases, a 20% increase compared to H1 2024.
The individual statistics above matter, and the pattern they form together matters more.
TransUnion's intelligence network spans four years, from H1 2021 through H1 2025. Across that window, digital ATO volume grew 141%. That's not a spike or a post-pandemic correction; it's sustained growth across multiple regulatory regimes, technology cycles, and economic conditions. The 21% increase recorded in the most recent period confirms the trajectory hasn't softened.
The CIFAS data adds a second dimension. In 2024, the UK National Fraud Database hit a record 421,000 fraud cases, and in 2025 that record was broken at 444,000. Within those totals, account takeover cases shifted sector by sector; telecoms ATO grew 105% in 2024, telecoms accounted for 69% of all ATO cases by H1 2025, and bank accounts absorbed 73% of the resulting financial damage. The attack surface isn't fixed; fraudsters move between sectors as defenses tighten in one area, and the CIFAS data traces that shift in near real time.
The Javelin data adds a third dimension; average loss per ATO incident is rising even as overall incident counts sometimes decline. ATO losses grew 13% in 2023 with fewer total incidents than the prior year, meaning fraudsters are getting better at selecting high-value accounts, not merely finding more of them.
ATO fraud is growing in volume, value, and target sophistication at the same time. Any one of those trends would be worrying; all three running in parallel signals a threat that's maturing, not leveling off.
These account takeover fraud statistics point to five conclusions your risk team should carry into planning.
Putting this data to work means asking whether your current defenses actually cover what these statistics describe.
LexisNexis data shows 39% of FI fraud occurs at login, 30% at account creation, and 31% in transactions. A system that scores only payment events is blind to the majority of the sources of ATO fraud. Effective fraud detection covers both individual transaction events and account-level behavioral patterns across velocity, counterparties, and device signals over time.
Coordinated ATO campaigns appear across multiple institutions before hitting any single one. A model trained only on your transaction history can't recognize a pattern that appeared at three other issuers last week. Cross-network intelligence is something siloed models can't provide.
ATO volumes grew 21% in one year. A six-month ramp-up before detection becomes meaningful is six months of unprotected exposure during the fastest-growing fraud category in the market.
Fraudio provides real-time transaction monitoring and intelligent payment fraud detection for payment companies worldwide. Using patented centralized AI technology, Fraudio helps issuers, acquirers, payment processors, and fintech companies detect and prevent payment fraud, merchant-initiated fraud, money laundering, and suspicious transfers, covering the full attack chain the statistics above describe.
Payment companies are absorbing ATO losses that siloed, rules-based tools weren't designed to catch. 141% volume growth over four years, 44% of institutions still on manual processes, and a real cost that's five times the headline figure. That gap isn't closing on its own.
Most fraud detection models learn only from your own transaction history, so coordinated ATO patterns appearing across multiple issuers and acquirers simultaneously are invisible to them until they reach your portfolio.
Fraudio's patented network-effect AI centralizes transaction data from issuers, acquirers, APMs, and transfers across all connected customers in real time, detecting ATO patterns from day one across all connected institutions. Detection starts from the first transaction, with no ramp-up, no siloed models, and no hidden fees. Trusted by Viva Wallet, Cashflows, Silverflow, Pismo, and payment companies across 188 countries, and backed by ISO27001 certification.
Start your free trial so you don't become another statistic in account takeover fraud.
Account takeover fraud happens when a criminal gains access to a legitimate account and uses it to move money, steal data, or commit further fraud. For payment companies, a compromised account is the starting point for unauthorized push payment transfers, mule account seeding, and transaction laundering, all of which fall within the liability of the issuer, acquirer, or payment facilitator involved. US ATO losses exceeded $15.6 billion in 2024, per the Federal Reserve.
US ATO losses exceeded $15.6 billion in 2024, per the Federal Reserve, with ATO accounting for $15.6 billion of $27.2 billion in total identity fraud losses per Javelin 2025. But the real cost is higher; LexisNexis puts every $1 of fraud loss at $5 or more in total operational cost, pushing the true impact closer to $78 billion when investigation, remediation, and reputational damage are included.
Every major dataset tracking ATO shows the same pattern. TransUnion's network recorded 141% growth in digital ATO volume from H1 2021 to H1 2025, with a further 21% rise in the most recent period. Javelin found ATO victims increased 18% in 2025. The FBI's IC3 received more than 5,100 ATO complaints in the first ten months of 2025, with losses exceeding $262 million.
Financial services carries the highest per-incident cost; LexisNexis data shows 39% of FI fraud occurs at the login stage, and the fraud multiplier for banks exceeds $5 per dollar lost. Telecoms is the fastest-growing ATO sector, with a 105% rise in UK cases in 2024 and 69% of all UK ATO cases by H1 2025, making it the authentication gateway to banking and payment account takeovers. Bank accounts absorb 73% of the resulting financial damage.
The four-year ATO trend is one of consistent growth, not cyclical fluctuation. TransUnion data shows 141% growth in digital ATO volume from H1 2021 to H1 2025. UK CIFAS data shows annual National Fraud Database records broken in both 2024 (421,000 cases) and 2025 (444,000 cases). Javelin shows ATO losses growing in both volume and per-incident value, with average losses rising even in years when total incident counts declined.
Fraudsters have moved upstream. TransUnion's H1 2026 data shows 8.3% of digital account creation attempts in 2025 were suspected fraud, making it the highest-risk stage in the customer lifecycle, ahead of both transactions and account access. They use stolen credentials or synthetic identities to open accounts that look legitimate, remain dormant, and get activated for fraud later. Most transaction monitoring systems don't cover this stage, so the risk doesn't surface until it's already embedded.
Yes, because of downstream liability. For issuers, a compromised account generates unauthorized push payment transfers and direct reimbursement obligations. For acquirers and payment facilitators, ATO-linked access to merchant portals can alter settlement flows or generate fraudulent transaction volumes. CIFAS data shows 73% of UK account takeover financial damage flows through bank accounts, confirming that payment institutions absorb the majority of ATO consequences.
Three structural reasons explain it. First, 44% of North American financial institutions still rely primarily on manual processes that can't scale with 21% annual volume growth, per LexisNexis 2025. Second, most fraud tools learn only from your own transaction history, so coordinated ATO campaigns hitting multiple institutions simultaneously are invisible until they reach you. Third, 39% of FI fraud occurs at login, and 30% at account creation, but most controls are concentrated at the transaction layer, meaning they're covering the right threat in the wrong place.
How about trying our solution and experiencing the next generation for yourself?