Organized crime has taken over the internet in recent years. Any web-based account that deals with finances, gaming, retail and other consumer-facing services are under threat of attack from bot armies that are used by unscrupulous individuals.
Cyber criminals have made a very lucrative business out of Account Takeover attacks (ATO attacks) by selling the data from compromised accounts to fraudsters who, in turn, use it to commit cyber crimes that take advantage of mobile games, reward programs, financial services, retail services, and any other web-based service for consumers. It is predicted that there will be a huge spike in ATO attacks this year because of the massive number of data breach in 2015.
ATO attacks are dangerous because the accounts used were created by real users. Mass-registered fake accounts do not contain sensitive personal information but these accounts do, which makes them less suspicious from a security standpoint and therefore they are used to bypass security measures once they get sold to the underground market.
The types of financially motivated downstream attacks that uses taken over accounts are:
A service feature that accepts content from registered users is vulnerable to an attack by a taken over account. Attacks like this are usually done to askew ratings and degrade platform integrity.
Virtual Currency Fraud
Points from promotions, in-game virtual items, and promotional credits are harvested for real world cashing-in.
E-commerce or financial services that store member’s banking details are the targets. The Account takeover attack is performed by making unauthorized withdrawals from credit cards, debit cards, and bank accounts on file.
In phishing, the attackers usually use a compromised account to launch phishing attacks within that account’s known contacts to steal their personal information, credentials, or sensitive data as well.
The ATO Army
Those performing account takeovers these days are often organized crime rings that have access to a huge number of bots that they can use to try to crack passwords. One data security company reported discovering an attack at a known retailer website with more than 300,000 failed log-in attempts from only a handful of locations.
Although the success rate was only 8%, it is still chilling how cyber criminals managed to use accounts that are fully registered and are from real people who have no idea that their accounts has been taken over. What is even more chilling is that the credit card numbers on file were also attempted to be validated by the cyber criminals by using the data on the users’ profile pages.
User accounts that have been taken over are exploited by the fraudsters are not the only ones that are going to suffer from an ATO attack. Brands that have fallen victim will also have to deal with harmful effects on their reputation, something that will have a more long-term effect.
Need help getting your account back, investigating a case of ATO attack, or wanting to devise a plan to prevent a future attack? Then have a chat with your Toronto private investigators. Contact us for an initial consultation today!