Check out all the on-demand sessions from the Intelligent Security Summit here.
Sift’s latest Digital Trust & Safety Index – based on its global network of more than 34,000 sites and apps and a survey of over 1,000 consumers – details the rapid rise and evolution of account takeover (ATO) attacks. Account takeovers are a type of identity theft in which a fraudster gains unauthorized access to an online account.
ATOs have risen by a staggering 131% in the first half of 2022 versus the same period in 2021. Despite the global economic uncertainty, this massive increase indicates fraudsters are taking advantage of businesses and consumers by launching increasingly sophisticated account takeover attacks.
Cybercriminals have specifically set their sights on the cryptocurrency market, which saw a 79% increase in ATO attack rates. This rise in attacks is linked to the recent market volatility, as fraudsters know that consumers are less likely to monitor their crypto wallets with prices plummeting.
Sift’s researchers discovered a new crypto cashout scam on Telegram whereby cybercriminals work together and use hijacked bank accounts connected to crypto wallets to move or launder illicitly obtained funds. Fraudster A will advertise their access to stolen funds on Telegram to find another fraudster who specializes in crypto account takeover and KYC bypass methods. Once they team up, Fraudster A will load those stolen funds into Fraudster B’s account. Fraudster B will transfer the hijacked funds into a stolen crypto account and then will withdraw the funds to a private wallet. Once the funds have been drained, they’ll split the profit.
Although the cashout element of the scam isn’t new, it highlights how fraudsters are working together to execute ATOs. These attacks negatively impact businesses by leading to consumer losses and tarnishing brand loyalty. In fact, 43% of survey respondents expressed they would stop using a site or app entirely if their accounts were compromised by an ATO attack.
That’s why it’s imperative that businesses have the right defenses in place to protect against sophisticated attacks. Through a machine learning system paired with vast amounts of data, fraud prevention teams can analyze thousands of different signals to stop suspicious activity before accounts are compromised.
Read the full report from Sift.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.