Ebook

Account Takeover Attacks: All You Need to Know And How to Stop Them

In this ebook, we’ll examine the scale of the problem, dissect the anatomy of an ATO and its causes, and offer solutions that customers and companies can implement today to prevent these attacks.

1. What is an account takeover (ATO)
2. How bad agents take over accounts
3. What can everyday users do?
4. How businesses should prevent ATO
5. How seon prevents ATO

Account Takeover Attacks: All You Need to Know And How to Stop Them

What is an Account Takeover (ATO)

An account takeover, or ATO also goes by another definition: account compromise. The names are self-explanatory. They simply define the action when someone manages to log into an account which isn’t theirs.

As we’ll see below, this action can be performed by a lone hoaxer or a full organised crime ring. ATOs range from the basic and innocent, to large scale attacks that can steal millions of dollars worth each year.

1.1 MORE ATTACKS, MORE LOSSES

ATO is an increasingly costly issue for companies: in 2018, ATO accounted for $4 billion of losses for businesses worldwide. In the e-commerce sector, nearly 40% of all fraud losses in 2018 were due to identity theft and synthetic identities.

And the trend isn’t set to be curbed anytime soon, due to the increase in mobile usage. Javelin’s 2019 Identity Fraud Study saw a 45% increase in mobile ATO between 2018 and 2019, accounting for 679,000 incidents.

1.2 DAMAGING IN A VARIETY OF WAYS

Businesses and customers have a lot to lose with each attack. In fact, it is estimated that victims end up paying $263 out of their own pocket to resolve an ATO, not to mention the time, stress, and efforts needed to overcome the problem.

While it’s harder for businesses to put a monetary value on ATO losses than with, say, chargeback fraud, it doesn’t mean it’s a victimless crime. ATO drains time, resources, and damages businesses’ reputation, with very real consequences:

  • Hacks and security issues put a strain on your IT team
  • Support is overwhelmed by customer requests who need to reclaim their accounts
  • The finance department must fight chargebacks
  • Users turn to competitors due to a loss of reputation and brand trust
  • Stocks can plummet after a publicised breach (dropping down to 7.5% in some cases according to Bitglass research)

1.3 NO VERTICAL IS SAFE

Darkmarket value of an account with different providers – Source: TrendMicro

ATO attacks aren’t a new problem. Fraudulent account access to customer accounts has always been a concern for financial institutions. The difference is that today they affect any organization with a customer-facing login.

Sign up to download

In order to download and read the full e-book please
sign up to our newsletter.