The rise of account takeovers

Account takeover fraud is the primary means of attack from fraudsters and attack origins occurring predominantly outside of the U.S., according to NuData Security.

Account takeover is on the rise:

  • Account takeovers have beaten out credit card cycling as a more popular means of fraud, in which fraudsters attempt to hijack valid user accounts as opposed to using lists of stolen credit card details that are purchased and cycled through.
  • High-risk login attempts jump nearly 14 percent in the four weeks leading up to Thanksgiving. High-risk logins are those in which fraudsters try to take over the accounts of users to make a quick profit at a time of large, unusual purchasing.
  • More than 90 percent of high-risk login attempts are scripted, indicating sophisticated criminals with a good understanding of technology are developing small programs in order to quickly steal and buy using other users’ accounts.
  • It is likely fraudsters download lists of stolen passwords from highly publicized data breaches. That gives them two important pieces of information: a list of usernames and passwords, and information about what the most popular passwords in the world are.

The bulk of account takeover attacks – more than 75 percent – are originating from or being routed through countries outside the U.S.

While criminals use other countries to route their Web traffic in an effort to hide their true location, it doesn’t mean they are actually based there.

  • 53 percent of attacks were routed through China
  • 24 percent routed through the U.S.
  • 214 percent routed through Russia
  • 29 percent routed through other regions.

Ryan Wilk, director, customer success, NuData Security, said:”This year, we have determined fraudsters are leveraging more sophisticated attack vectors, focusing increasingly on account takeover, as opposed to the common tactic of credit card cycling. This shows us that thieves are beginning to value user accounts with payment information attached more than credit card details themselves. This puts additional burden on the ecommerce organization to protect their communities. In order to hijack an account, fraudsters often attempt to login, just like regular users, using password information gathered from highly publicized data breaches.”

“Expecting consumers to maintain strong, non-reused passwords has proven to be ineffective. For ecommerce organizations to protect their brand and users, they must figure out how to detect fraudsters utilizing the stolen identity data. The good news is that we can now harness the power of behavioral attributes, both conscious, but more importantly subconscious, to aid in authenticating users. Behavioral analysis serves as a means of understanding how legitimate users truly act without interrupting their experience, thereby predicting and preventing fraud from occurring.”