Do you know what fraudsters hear when you say “dormant account”? One thing: low attention.
What counts as dormant?
Banks use different timeframes. In the GCC, accounts are classified as dormant after 12 months (UAE/Bahrain current accounts) to 24 months (Saudi Arabia/Bahrain savings accounts) of no customer-initiated activity. Some jurisdictions stretch this to 15 years; others flag accounts after just 6 months.
Even accounts below "dormant" status - those with very low activity but still fully accessible - attract the same fraudster attention.
Why fraudsters like dormant accounts:
💳 Low-activity accounts are ideal for fraudsters to launder funds quietly, keeping transactions small and subtle to avoid detection.
🏦 The long history of these accounts makes them appear trustworthy, sometimes even boosting internal credit scoring.
🕵️ Unusual activity often doesn’t stand out quickly because the account owner isn’t actively monitoring it.
👥 Dormant or low-activity accounts with large balances are attractive targets for embezzlement or abuse by bank staff with access.
📊 DataVisor found that 65% of account takeover attempts target accounts unused by their rightful owner for 90+ days, and 80% target those inactive for 30+ days. That's not a minority - that's two-thirds of all ATO attacks. And the scary part: those dormant accounts often contain real money. They're reserves. Emergency funds. Inheritance accounts. Exactly what criminals want[ref].
Javelin reports that account takeover fraud losses climbed to $15.6 billion in 2024, up $2.9 billion from 2023's $12.7 billion and up from $11 billion in 2022. This three-year escalation is a clear sign that the risk is growing.
🚨 What can we do?
For account owners: Stop treating dormant accounts like set-and-forget savings accounts. They're liabilities. Close what you don’t use. Even if you keep an account as a reserve, check it regularly and enable alerts, use strong credentials, and add MFA.
For banks: Flag low-activity and dormant-status accounts as high risk. Apply enhanced monitoring, step-up authentication on reactivation or unusual transactions, and audit employee access to these accounts.
Fraudsters thrive where "quiet" equals "ignored". Let’s turn dormant into defended.