Account Takeovers 101

Account Takeovers 101

Author avatar

by Bence Jendruszak

A major TOR based marketplace specializing only on stolen and phished account credentials currently has 19.1 million listings as of today. This is only one of the many other deep-web based marketplaces. A large challenge for any online business is to mitigate their risk associated to identity related issues. According to the latest Impact report of Aite Group, improved security does not necessarily have to result in a worse customer experience. In fact, fraud prevention providers and online businesses will benefit from undertaking the current challenges of the online payments market.

How do fraudsters steal credentials?

Obtaining stolen credentials may be the result of different illicit activities. On the one hand, data breaches are a major source of sensitive user account details. Furthermore, phishing is a strong driver of capturing user credentials. In some cases, computer based malware attacks are used to log the details of an online account. Phishing is still is major element of stealing sensitive user information. The latest trend of fraudsters is to use email automation tools in order to send out personalized mass emails in order to lure online consumers into submitting their information on fabricated web pages. It is also common to see fraudsters replacing characters in order for the sender email address to look like the original legit one. The attackers may replace the letter “m” with an “rn” and the letter “l” with a number “1”. If you are confused by all these different methods, read more about the online fraud terminology here.

Once they are in, they can do whatever they want

In any case, once the fraudulent user has a hold of the account it’s game over. Therefore, it is important for online businesses to look into methods of deep user authentication. Generally, fraudsters will start testing the information once obtained in order to validate it before reselling. They do this via automated scripts in order to check millions of credentials in a short period of time. This means that it is vital to monitor the user base at the point of logins, signups and transactions. The relevant fraud prevention tool will be able to classify good and bad customers and associate risk to each user action. At the end of the day, the online business will be protected from otherwise incurring losses.

What are the relevant measures to look into?

There are several control actions that will result in lower risk associated to account takeovers. One measure is to implement velocity based rules at the point of logins. Multiple users logging in from the same device or the same IP address in a narrow time-frame may be a red flag. Analyzing the patterns of password changes is also a factor to take into consideration. Furthermore, monitoring withdrawals and payments is also vital in order to mitigate the exposure to fraud. A third party risk management tool can easily overpower these obstacles that fraudsters set out for online businesses.

Account takeovers are a massive pain for online businesses. It is rather easy to get a hold of stolen credentials and to penetrate the online accounts of individuals. The SEON risk management tool provides a full 360 degree picture about the user-base, thus ensuring a smoother and expanded KYC process. We have managed to overcome the hurdle of adapting a relevant monitoring tool by combining a light-touch integration with extended functionality. To sum up, online businesses are now able to easily ensure a much safer environment for their community by adapting proper fraud prevention tools.

If you want to deep dive into how account takeovers work, you may download our ebook that will give you additional insights.

Share article

Learn more about our products


Author avatar
Bence Jendruszak

Bence is the co-founder and COO of SEON whose vision is to create a safer online environment for merchants in high risk verticals.

Sign up to our newsletter