US disrupts multimillion-dollar bank account takeover operation targeting Americans

The U.S. Justice Department said it seized a web domain and database that were used to siphon millions of dollars from Americans’ bank accounts through an online fraud scheme that exploited search engine advertising.

According to investigators, the website, web3adspanels.org, functioned as a control panel for criminals carrying out so-called bank account takeover fraud, allowing them to store and manage stolen banking credentials harvested from victims across the United States.

The FBI has identified at least 19 victims so far, including two companies in Georgia, with attempted losses totaling about $28 million and confirmed losses of roughly $14.6 million. 

Visitors to the seized site are now greeted with a law enforcement splash page announcing the takedown. Officials said cutting off access to the domain disrupts the criminals’ ability to exploit stolen credentials and steal additional funds.

The group behind the scheme bought fraudulent ads on major search engines, including Google and Bing, designed to closely mimic legitimate sponsored links from well-known banks. Users who clicked on the ads believed they were being directed to their bank’s website but were instead routed to counterfeit pages controlled by the criminals.

When victims entered their login information, malicious code embedded in the fake sites captured the credentials. The attackers then used that information to access real bank accounts and drain funds, the Justice Department said Monday.

Investigators said the seized domain hosted login credentials for thousands of victims and continued to support the fraud operation as recently as November 2025.

The seizure is part of a broader U.S. government crackdown on bank account takeover fraud, which has surged nationwide. Since January 2025, the FBI’s Internet Crime Complaint Center has received more than 5,100 complaints tied to such schemes, with reported losses exceeding $262 million.


Daryna Antoniuk is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.

 
