Avoid Being the Next Victim of Account Takeover Fraud

Have you checked your online accounts lately? If not, make doing so a priority today.

Account takeover fraud is on the rise and looking for new victims. The holiday shopping season is already underway, with more consumers relying on e-commerce than ever before. So, let’s hope that today is not too late.

Got your attention?

A recent report by fraud prevention firm Seon Technologies highlights the staggering growth of ATO fraud online. In the U.S. alone, around 24 million households have fallen victim to this form of fraud.

The report further revealed that 22% of U.S. adults have been victims of an account takeover. Social media is one of the driving forces behind the issue, with more than half of all ATOs related to a social media account.

ATO Primer

A fraudster gains control of an account under a pretense, and the ID thief then commits unauthorized transactions or steals sensitive information. Once fraudsters gain access to one account, they can further exploit the victim’s other banking and merchant accounts.

These accounts all hold some sensitive information or payment details, which is why they are so attractive, warned PJ Rohall, head of fraud strategy and education at Seon.

“A lot of it begins with getting compromised data, whether through a data breach or bought on the dark web. The fraudsters have the login username and the password. They use that information to take it over,” Rohall told the E-Commerce Times.

All Industries Affected

Fraud detection and prevention company Sift released its report last month that found a 457% increase in account takeover attacks against the retail sector. That discovery showcased that an ATO is a vector that retailers should prepare for this holiday shopping season.

Sift’s research details the rapid rise and evolution of ATO attacks based on its global network of over 34,000 sites and apps and a survey of over 1,000 consumers. The report also highlights a new scam in which fraudsters collaborate to liquidate bank accounts via connected crypto exchanges and wallets that have been ignored amidst the “crypto winter.”

Other key findings from Sift include:

  • 51% of victims only discovered ATO after logging into their accounts and noticing suspicious activity.
  • 44% of reported victims have experienced ATO attacks up to five times.
  • 43% of consumers would stop using a site or app if an ATO attack compromised their associated accounts.

No industry has been untouched by ATO attacks, with an alarming 131% increase across Sift’s global network in the first half of 2022 versus the same period in 2021.

Account takeovers are proving to be a primary attack method among fraudsters in our challenging economic environment, offered Brittany Allen, trust and safety architect at Sift.

“Adding insult to injury, cybercriminals are leveraging automation via bots and scripts to launch ATO attacks at scale, often forcing businesses to choose between introducing excessive friction in their user experience or being consumed by fraud,” she said.

‘Digital Trust and Safety’

Fraudsters have set their sights on particular sectors amidst the global economic downturn as they seek to take advantage of dormant accounts and stored payment information.

The industries with the highest increases in ATO rates were fintech, with ATO rates up 71%. According to Sift, marketplaces saw a 39% increase, while digital goods and services experienced a 37% increase.

“The onus is ultimately on businesses to prevent this activity. Businesses can best protect themselves through consumer education, but that is only part of the equation since customers expect to be safe when shopping online,” Allen told the E-Commerce Times.

Companies should ensure they have the right strategy, people, and technology in place to protect customers and revenue without applying unnecessary friction in the customer journey. She added that Sift calls that concept “digital trust and safety” and believes it is critical for any merchant or platform.

It is also essential that merchants understand fraud signals to help fight abuse at scale. She explained that through a machine learning system paired with vast amounts of data, fraud prevention teams can analyze different signals in real time with minimal human intervention to assess risk.

“This helps reduce the time for manual reviews and allows merchants to detect suspicious activity on consumer accounts,” Allen noted. “Consumers often assume their online accounts are safe, so merchants need to live up to that. If they do not, there is a lot they could lose.”

Beware Your Crypto Holdings

Within fintech, cryptocurrency exchanges saw a staggering increase in attack rates. In light of fraudsters teaming up to funnel stolen funds through stolen accounts, consumers and businesses need to be vigilant, the Sift report warned.

“Plummeting crypto prices have led to consumers paying less attention to their crypto wallets than they were early this year and in 2021. Fraudsters noticed. This has led to a 79% rise in crypto account takeovers attacks,” Allen told the E-Commerce Times.

She explained that Sift researchers discovered a crypto cash-out scam on Telegram and dark web forums exposing how fraudsters who specialize in ATOs are working together to target the crypto market during its recent volatility. In this scheme, cybercriminals use stolen wallets, bank accounts, or crypto exchange accounts to move or launder illicitly obtained funds.

Fraudster A will advertise access to stolen funds on Telegram, then find another fraudster who specializes in crypto account takeover and KYC bypass methods.

KYC, or Know Your Customer, are guidelines and processes that financial institutions and businesses follow to verify the identity, suitability, and risks of a current or potential customer when opening an account and periodically over time.

Once Fraudster B offers access to stolen wallets or crypto exchanges, Fraudster A sends the stolen funds to Fraudster B’s accounts, where they funnel the money out and split the profits, explained Allen.

“Each party takes a risk trusting the other, but if successful, they stand to make tens of thousands of dollars each,” she added.

Consumer Protection Recommendations

Little can be done to avoid repeat victimization until fraud victims wise up. According to our report, nearly half of survey respondents expressed they would stop using a site or app entirely if their accounts were compromised, noted Allen.

Consumers must understand that password reuse fuels fraud. She urged that they protect themselves from attacks by using two-factor authentication for all accounts linked to financial service data. Even if a consumer prefers not to be reminded of the low balance in their crypto wallet, they should not treat this account differently than they would any other financial account.

“I would recommend they also use a password manager to create unique, strong passwords for each of their online accounts. Password managers save the headache of creating and remembering passwords while creating a smoother login experience for consumers, since they can auto-fill forms quickly and securely,” Allen recommended.

Sim Card Takeover

One potentially dangerous fraud takeover attack that gets little notice is mobile phone takeovers. These attacks are easily orchestrated by fraudsters who obtain enough of a consumer’s personal information to convince their mobile carrier to send the fraudster a new sim card.

“I kind of call it like the king of account takeovers because there is so much valuable information on our phone,” offered Seon’s Rohall.

Fraudsters reach out to the telephone operator and try to get the phone number ported to a new SIM card. When that happens, the victim loses access to the phone and is cut off from getting password change codes from the carrier, he noted.

The fraudster can circumvent that type of authentication, which leads to the criminal’s ability to take over the consumer’s bank account and other things associated with the phone number, Rohall warned.

Jack M. Germain

Jack M. Germain has been an ECT News Network reporter since 2003. His main areas of focus are enterprise IT, Linux and open-source technologies. He is an esteemed reviewer of Linux distros and other open-source software. In addition, Jack extensively covers business technology and privacy issues, as well as developments in e-commerce and consumer electronics. Email Jack.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by Jack M. Germain
More in Hacking

Technewsworld Channels