Safeguarding your accounts from takeover fraud Skip to content

Safeguarding your accounts from takeover fraud

2 min read

Picture of a young man with dark hair. He's seated at a desk and working on a laptop computer. He is taking proactive steps to safeguard his accounts from fraud.

Cybercrime doesn’t sleep. It’s important to stay vigilant and secure your online accounts, especially those with money, sensitive health information, and financial data. The more you know about potential threats, the easier it will be to keep your accounts secure and safeguarded from fraud.

While there are many types of scams, one tactic is increasing—fraudulent account takeover. Account takeover fraud is a serious threat that could potentially lead to financial losses, compromised personal information, and even potential health risks. These account takeover threats are concerning, but preventable when you know what to look for. I’ll cover:

  • Understanding account takeovers

  • How the takeovers happen

  • Ways to prevent takeover fraud

What is account takeover fraud?

Account takeover fraud occurs when a cybercriminal gains unauthorized access to an online account by stealing the user’s credentials—username and password—or by luring an account owner to a fake website that was created to harvest login credentials of unsuspecting victims. Those credentials are then used to access accounts on the legitimate website. Once a scammer has access to an account, they could potentially make unauthorized changes, view sensitive information, initiate fraudulent transactions, or steal money.

How do account takeovers happen?

There are several ways account takeover fraud can occur:

  1. Phishing or smishing attacks: Fraudsters may send phishing emails or smishing text messages pretending to be from a legitimate source. These attacks can trick a victim into disclosing login credentials or clicking on links that install malware on your device.
  2. Weak passwords: Using weak or easily guessable passwords makes it easier for attackers to crack them and gain access to your account.
  3. Social engineering: Attackers may use sneaky tactics to manipulate you into revealing sensitive information or login credentials through phone calls, texts, or fake websites. Fake websites can look very convincing, and bad actors can use online ads to direct consumers to the fraudulent site.

Ways to protect your account

While the threats can be sophisticated, there are proactive measures you can take to secure your accounts. At a high level, you can avoid or mitigate fraud by not clicking on suspicious links within emails and search engines, and by always using the correct website or mobile app to log in to your accounts. For example, at HealthEquity, always go to and click the Login button. For Further by HealthEquity, go to and click the Sign In button.

Here are more practical ways to safeguard against fraud:

  1. Use strong, unique passwords for your accounts, consider using a reputable password manager to generate and store them securely, and regularly change your passwords.

  2. Be cautious of unsolicited emails, messages, or calls asking for your login credentials or personal information.

  3. Enable and use multi-factor authentication on your accounts to add an extra layer of security. This step requires a second form of verification, like a code sent to your phone.

  4. Frequently update your devices (phones, tablets, and laptops) to make sure that operating systems, and applications are up-to-date.

  5. Regularly check your accounts for any unauthorized changes or suspicious activity. If something seems out of place, report the discrepancies to your provider.

Stay informed and aware of potential cyberthreats

By implementing these proactive measures and staying vigilant, you can significantly reduce the risk of account takeover fraud.

HealthEquity does not provide legal, tax or financial advice.

How did you like this article?

Thank you for subscribing!

How did you like this article?

About the author

Selim Aissi

Selim Aissi, EVP/CSO, leads Security and Information Technology teams at HealthEquity. With over 25 years of leadership in the technology and financial sectors, Selim and his teams help create safer, simpler experiences for clients, partners, and members.

Are you a business?

Talk to us today to get started.

Talk to us

Are you an individual?

Start building health savings today.

Open account

COBRA/Direct Bill Employer login

Please refer to your Client Welcome email for the URL of your specific COBRA/Direct Bill Employer login page.