Account takeover attacks increased 131% in 2022, says Sift report

Thursday 29 September 2022 10:31 CET | News

US-based fraud prevention platform Sift has released its Q3 2022 Digital Trust & Safety Index, detailing the increase of account takeover attacks.


Based on Sift’s global network of over 34.000 sites and apps and a survey of over 1.000 consumers, the report also underlines a new scam in which fraudsters collaborate to liquidate bank accounts via crypto exchanges and wallets that are connected but have been otherwise ignored during the so called ‘crypto winter’.

The report highlights how no industry has been left untouched by account takeover (ATO) attacks, with an 131% increase across Sift’s global network in the first half of 2022, as opposed to the same period in 2021. However, fraudsters are looking to take advantage of dormant accounts and stored payment information. The industries with the biggest increase in ATO attack rates were fintech (71% increase), marketplaces (39% increase), and digital goods and services (37% increase). Within the fintech industry, cryptocurrency exchanges had a 79% increase in attack rates.

Following the constant stream of ATO attacks, consumers report financial loss, with 42% of ATO victims seeing unauthorised purchases made on their hacked account using either credit card or any other payment information stored on the site. Similarly, 30% of victims reported losing rewards points or credits.

The financial loss to consumers and remediation required of businesses illustrate only part of the effects of hacked accounts. More than half of the victims (51%) did not discover their accounts had been compromised up until logging in and noticing suspicious activity, suggesting the businesses did not succeed in notifying their customers and were most probably unaware of the fact that such security incidents had occurred. 43% of consumers have stated that they would no longer use a site or app if their associated accounts were compromised by an ATO attack.

Sift has released its Q3 2022 Digital Trust & Safety Index, detailing the increase of account takeover attacks.

New ATO attack targeting cryptocurrency

With cryptocurrency prices having dropped in 2022, Sift’s Trust and Safety Architects discovered a scam that targets crypto account holders – especially those who are checking their accounts less frequently due to crypto’s loss in values. The Sift team noticed that fraudsters are seeking each other out to funnel funds from hacked bank accounts and crypto wallets, activity taking place on both dark web marketplaces and deep web forums on Telegram.

The crypto scam involves two people teaming up, a fraudster looking at laundering stolen funds and another one who has successfully taken over connected bank accounts and crypto wallets. After teaming up, cybercriminals drain the funds by first loading the stolen funds into a seized bank account and then into the corresponding stolen cryptocurrency wallet.

Sift Trust and Safety representatives have stated that ATO attacks are proving to be a primary method of attack, cybercriminals starting to leverage automation via bots and scripts to launch ATO attacks at scale.

The new research shows that the projected, cumulative losses to online fraud that merchants will face are expected to exceed USD 343 billion globally between 2023 and 2027. This calls for trust and safety teams to adopt an end-to-end, real-time approach to outpace the increasing attacks, while also keeping up with customer demand.

For more information about Sift, please check out a detailed profile in our dedicated, industry-specific Company Database.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: report, fraud detection, fraud prevention, cybersecurity, cybercrime, online fraud
Categories: Fraud & Financial Crime
Companies: Sift
Countries: World
This article is part of category

Fraud & Financial Crime


Discover all the Company news on Sift and other articles related to Sift in The Paypers News, Reports, and insights on the payments and fintech industry: