The report says that between 20% and 30% of all account takeover attacks are launched by organized fraud rings, and these organized groups are seeing greater success. More than 80% of all account takeover attacks are launched by fewer than 10% of the attackers targeting the site.
Organizations that offer more services on their web sites may increase customer loyalty, but they also increase their sites attractiveness to criminals. Loyalty programs, for example, increase their risk of account takeover attacks by as much as 200%.
Given that over one-third of all US consumers had personal information stolen in breaches in 2018, fraudsters now have access to more data that can be used to hack into legitimate online accounts than ever before, resulting in a 31% increase in ATOs year-over-year. This alarming growth is partially because access to an online account often has more value than a stolen credit card. For instance, many people reuse account information across websites, so a single stolen password can give fraudsters legitimate-looking access to an entire online identity.
As for prevention, the report points out that a focus solely on the point of transaction may be misguided, since fraud actors may well have been watching a victims behavior for days or weeks.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now