Today’s ASK YOUR FRAUD EXPERT post is dedicated to Account Takeover (ATO) attacks. Let’s ask our Fraud Expert how to manage them.
What is an ATO?
Account takeover is a form of identity theft and fraud, where an attacker successfully gains access to a user’s account credentials. ATOs are often the result of data breaches, phishing or overlay attacks.
What are the main targets?
Accounts that have some value for the attacker, such as banking credentials, payment systems (PayPal), services such as Uber to which a credit card is associated, or e-commerce sites (electronic or easily resellable goods).
How to manage it?
To protect your services from ATO attacks, you need to define a user behavior analysis strategy:
• Detect and block the threat: identify behavioural anomalies that may indicate access by the attacker;
• Use strong un-phishable authentication. Preventing the theft of simple credentials such as username and password makes it more difficult for the attacker to gain full access to the service.
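One way to implement the behavioural check from the first point, shown as an added example that is not part of the original post: each successful login is scored against the account's known devices and countries and against a preceding burst of failed attempts. The event fields, thresholds and sample events are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample login events: (timestamp, user, device_id, country, success)
EVENTS = [
    ("2024-05-01T08:00:00", "alice", "dev-a1", "IT", True),
    ("2024-05-03T02:10:00", "alice", "dev-x9", "BR", False),
    ("2024-05-03T02:10:20", "alice", "dev-x9", "BR", False),
    ("2024-05-03T02:10:40", "alice", "dev-x9", "BR", False),
    ("2024-05-03T02:11:00", "alice", "dev-x9", "BR", True),
    ("2024-05-03T09:00:00", "bob", "dev-b1", "IT", True),
    ("2024-05-04T09:00:00", "bob", "dev-b2", "IT", True),
]

FAIL_WINDOW = timedelta(minutes=10)   # assumed look-back for failed attempts
FAIL_THRESHOLD = 3                    # assumed size of a suspicious failure burst
ALERT_SCORE = 3                       # assumed score at which to block or step up

def score_logins(events):
    """Return (timestamp, user, score, reasons) for each successful login."""
    known_devices = defaultdict(set)
    known_countries = defaultdict(set)
    recent_failures = defaultdict(list)
    results = []
    for ts, user, device, country, ok in sorted(events):
        when = datetime.fromisoformat(ts)
        if not ok:
            recent_failures[user].append(when)
            continue
        reasons = []
        has_baseline = bool(known_devices[user])  # no baseline on first login
        if has_baseline and device not in known_devices[user]:
            reasons.append("new_device")
        if has_baseline and country not in known_countries[user]:
            reasons.append("new_country")
        fails = [f for f in recent_failures[user] if when - f <= FAIL_WINDOW]
        if len(fails) >= FAIL_THRESHOLD:
            reasons.append("failure_burst")
        score = len(reasons)
        results.append((ts, user, score, reasons))
        # Only logins below the alert score extend the account's baseline,
        # so a flagged session does not teach the model the attacker's device.
        if score < ALERT_SCORE:
            known_devices[user].add(device)
            known_countries[user].add(country)
        recent_failures[user].clear()
    return results

def alerts(events):
    return [r for r in score_logins(events) if r[2] >= ALERT_SCORE]
```

A single signal such as a new device alone (bob's second login) stays below the alert score; only the combination of signals on alice's account is flagged.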
DON’T WORRY…ASK US FOR HELP!