Sift's new report shows a rise in ATO-as-a-Service

Thursday 28 September 2023 10:24 CET | News

US-based fraud detection provider Sift has published a new report that reveals a considerable increase in account takeover (ATO) attacks. 

The Q3 2023 Digital Trust and Safety Index shows that ATO attacks increased by 354% year-over-year in Q2 of 2023 across Sift’s global network. The most affected sectors are fintech and food and beverage, with the attacks rising by 808% YoY across fintech, mostly focusing on loyalty sites and crypto. The food and beverage industry saw a 485% increase in ATO attacks. 

US-based fraud detection provider Sift has published a new report that reveals a considerable increase in account takeover (ATO) attacks.

ATO attacks’ impact

The report revealed that 18% of surveyed consumers experience account takeover attacks, with 62% of them happening in the past year. Approximately 34% of individuals were defrauded two or more times, mostly while using sites or applications for digital subscriptions, online shopping, and financial services.

Businesses in every region and vertical face faster and costlier attacks due to the evolving nature of tools, including generative AI, struggling to keep up with accurately detecting abuse. At the same time, the global Fraud Economy developed the tactics and tools necessary to target industries with rapid growth and investment in security, such as financial services. These compounding factors result in predictions of billions in fraud losses by the end of 2023, with approximately USD 635 billion related to ATO attacks.

Moreover, the rise in ATO attacks is related to the democratisation of fraud and growing accessibility to illicit tools and services that anyone with the internet can access to participate in fraudulent activities. 24% of individuals surveyed by Sift reported having seen offers to participate in account takeover schemes online. Sift’s experts observed that fraudsters are moving off the dark web and now operate on social platforms to actively recruit additional bad actors. Trust and Safety Architects from Sift closely monitored several social media accounts of known fraudsters who are using TikTok and Instagram to market their offerings, who then funnel interested users to Telegram where they can buy stolen credentials. 

Sift’s analysis in the context

According to the company’s officials, 2023 has been the year of account takeover, with several factors that influenced this, including AI-fuelled social engineering, the availability of fraud-as-a-service tools, and fraud influencers democratising access to stolen accounts. This led to an ATO outburst, with fraudsters leveraging innovative tools and techniques to steal from businesses and consumers. However, businesses should take advantage of technologies like machine learning and automation to defend against digital risk.

More information about Sift

Sift’s main objective is to dynamically prevent fraud and abuse through its technology and expertise, with brands such as DoorDash, Twitter/X, and Poshmark relying on its services to protect their businesses. Back in July 2023, the company published another report that showcases an increase in AI-enabled fraud. The data shows that two-thirds of US individuals reported a rise in spam and scams, with the upsurge being due to the introduction of consumer-oriented generative AI tools in late 2022.

For more information about Sift, please check out their detailed profile in our dedicated, industry-specific Company Database.

More: Link

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: online security, cybersecurity, account takeover, Account fraud, research, cybercrime, generative AI
Categories: Fraud & Financial Crime
Companies: Sift
Countries: World
This article is part of category

Fraud & Financial Crime


Discover all the Company news on Sift and other articles related to Sift in The Paypers News, Reports, and insights on the payments and fintech industry: