Account Takeover

Introduction

Account takeover refers to the obtaining of another person's account and password and then using such information to login to the account for illegal purposes such as stealing personal information, spreading malicious software, and posing as the victim.

Prevention

Use a strong password: Ensure that your account password is strong enough. A good password should feature a combination of letters, numbers and special characters. In addition, change your password regularly.

Enable two-step verification: Enable this feature for accounts that support it. This add another layer of security for your account.

Be mindful of phishing attacks: Don't click or reply emails, text messages or links that you do not trust, especially those that ask for your account information.

Usual Tricks

Fake emails: Scammers may pretend to be from a legitimate website or service provider and send you an email asking you to click a link or enter your account information.

Social engineering: Scammers may use social media or other online channels to collect your personal information to guess or reset your password.

Malicious software: Downloading or clicking on malicious softwares may cause your account to be hijacked. These softwares can remember your inputs, steal your passwords or manipulate your devices.