Account Takeover
We've curated 17 cybersecurity statistics about Account takeover to help you understand how cybercriminals exploit credentials and impersonate users to gain unauthorized access in 2025. Discover the tactics, impacts, and preventive measures in our findings!
Showing 1-17 of 17 results
62.1% of attempted misuse cases involved new account applications, and 37.9 percent involved attempted account takeovers.
34% of companies experience at least one account takeover incident every month.
A single low-cost device model drove 3% of all mobile account takeover attempts.
Financial services accounted for 24% of all bot attacks and 46% of account takeover incidents.
EMEA's fraud attack rate increased 27% year over year.
The attack rate at login jumped 216%.
In 2025, 92% of npm account takeovers occur.
The top third-party fraud schemes included identity theft (28%), account takeover (19%), and card testing (17%).
Digital account takeover volume saw a 141% uptick between H1 2021 and H1 2025.
31% of US business leaders cited Account Takeover as the most prominent cause of fraud loss.
The volume of digital account takeover increased by 21% from H1 2024 to H1 2025.
Account takeover was reported as the greatest source of fraud loss by 20% of business leaders.
44% of organizations are prepared for insider threats or account takeover.
53% of reports of misuse involved account takeover.
There was a 754-percentage-point increase in reports of account takeover involving tech accounts.
There was a 47-percentage-point increase in reports of account takeover involving person-to-person payment apps.
For attempted misuse, thieves tried to open a new account (69%) more often than attempting to take over an existing account (31%).