Threats From the Fake Web: What Is Account Takeover?


Account Takeover (ATO) is a cyberattack in which attackers break into a legitimate account and take control of it. It is a form of identity theft and fraud. Because it usually targets many accounts at once rather than one at a time, account takeover is mostly carried out by attackers using bots.

Interesting Fact:

In the UK alone, this type of Fake Web threat was responsible for a £14.6 million loss in 2021. In the US, reports mention that 25% of consumers were affected by ATO in 2021.

How is it implemented?

Account Takeover can be done using a list of stolen user information purchased on the dark web (credential stuffing) or brute force attacks (cracking). Attackers usually send bots that automatically reach retail, travel, eCommerce, and other sites to test login information and attempt the takeover.

Once the takeover is done, the attacker has various options. They can steal personal information, commit financial fraud, and even drain loyalty programs.
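The two login-testing patterns described above leave different traces in authentication logs: credential stuffing tries many usernames about once each, while brute force repeats attempts against a few accounts. The following is an added example, not part of the original article, that classifies sources on that basis. The event format, thresholds, and sample data are constructed assumptions, and grouping by source IP is a simplification because bots often rotate addresses.

```python
from collections import defaultdict

# Constructed sample login events: (source_ip, username, success).
# IPs are from documentation ranges; usernames are made up.
SAMPLE_EVENTS = (
    [("203.0.113.10", f"user{i:02d}", False) for i in range(8)]
    + [("203.0.113.10", "carol", True)]
    + [("198.51.100.7", "alice", False)] * 12
    + [("198.51.100.7", "alice", True)]
    + [("192.0.2.55", "bob", False)] * 2   # ordinary user mistyping a password
    + [("192.0.2.55", "bob", True)]
)


def classify_sources(events, min_failures=5, stuffing_ratio=0.8):
    """Flag sources with many failed logins and label the pattern.

    credential_stuffing: failures spread over many distinct usernames
    brute_force:         failures concentrated on few usernames
    Thresholds are illustrative assumptions, not tuned values.
    """
    failures = defaultdict(list)   # ip -> usernames of failed attempts
    successes = defaultdict(set)   # ip -> usernames that logged in

    for ip, user, ok in events:
        if ok:
            successes[ip].add(user)
        else:
            failures[ip].append(user)

    report = {}
    for ip, users in failures.items():
        if len(users) < min_failures:
            continue  # too few failures to distinguish from normal mistakes
        distinct = len(set(users))
        ratio = distinct / len(users)
        report[ip] = {
            "label": "credential_stuffing" if ratio >= stuffing_ratio else "brute_force",
            "failures": len(users),
            "distinct_users": distinct,
            # Accounts that logged in from a flagged source need review.
            "accounts_to_review": sorted(successes[ip]),
        }
    return report


if __name__ == "__main__":
    for ip, info in classify_sources(SAMPLE_EVENTS).items():
        print(ip, info)
```

Accounts listed under `accounts_to_review` are the ones where a flagged source eventually logged in successfully, which makes them the first candidates for a forced password reset and session revocation.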

