What is "account takeover" or ATO?

Account takeover, or ATO, occurs when a fraudster gains access to online accounts using a victim's email address and password combination.

Usually account takeovers occur after credentials are obtained when another online account is breached. Either manually or using applications, the fraudster will test the email and password combination across multiple ecommerce platforms until they gain access to one or more accounts successfully. Victims may receive notice of purchases on a platform they haven't visited in a long time, which alerts them of the issue.

Tophatter uses 128-bit SSL encryption to transmit payment information to our processor, and never has access to your payment information; however, a successful account takeover can result in unauthorized shopping on the platform within your account.

There are several ways to protect your information in general, and prevent account takeover:

  1. Change your password often. If your password has ever been exposed, changing your password to something else will remove a fraudster's ability to use the stolen information to access multiple accounts. You can check if your information has ever been breached by looking at this website.
  2. Never use the same password. Using a different, secure password across your online accounts will prevent a fraudster from being able to use information they accessed from one account's breach on another site you also use. Password best practices suggest using a minimum of 12 characters with a combination of upper and lower-case letters, numbers, and symbols.
  3. Remove payment methods. If you're not planning on shopping on Tophatter for a while, you can Manage Payment Methods to prevent unauthorized purchases on Tophatter.

If you think your account has been compromised and have unauthorized activity, please Contact Us for assistance, and provide the transaction amount, date, last 4-digits of the card number, and the identifier from your statement which will say TOPHATT* followed by an order or batch number.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.