Blog, Events & News

BACK TO ALL

Are Compromised Credentials Being Used on Your Website?

By Gareth Kitson / 21st Aug 2018

Probably.

It’s reported in the news almost every day, another company has been breached and more user credentials have been leaked. With breaches occurring so frequently a potential account takeover attack on your site or application has never been higher.

Why?

Someone else’s breach IS your problem.

When there is a reported data leak or credentials are compromised, usernames and passwords become available to purchase on the dark web. With every new breach, the dark web comes alive with a frenzy of hidden activity. Hackers and fraudsters scramble to validate combinations against other websites by using sophisticated automation technologies to test credentials, either on mass, across thousands of websites, or extremely targeted against specific online services and eCommerce platforms.

This is becoming even easier to do particularly due to the rise in sophistication of Cracking tools to automate the attacks with little knowledge of traditional hacking techniques required, plus, the widespread customers reusing the same password across multiple sites.

Account TakeOver (ATO) is a form of fraud where a bad actor(s) will attempt to compromise the integrity of a real users account, often leveraging compromised credentials sourced from the dark web to gain something of value.

Forrester estimates account takeover costs $7 billion in annual losses in just the financial services and insurance markets. This excludes retail where we see account takeover attacks costing some of our clients as much as 2.5% of their annual revenue. Others have also reported on this alarming rise in data breaches and ATO. PYMNTS.com reported a 45% increase in ATO in only the second quarter of last year while Forter also found ATO growth to be nearly 35% for the first two quarters of 2018 and Javelin Strategy & Research reported the tripling of ATO loses to organisations. On top of the financial loss is also the damage to customers’ faith in their online services.

While ATO can affect everything from an email service to a bank account, in the ecommerce market we have seen a huge rise in our customers coming to us to specifically help with cybercriminals performing ATO to access stored payment information and Loyalty Point abuse.

We continue to help prevent theft of banking or credit card information, placing fraudulent orders, theft of personally identifiable information for use elsewhere … the list goes on; however, the illegal redemption of loyalty point has become a costly and time-consuming problem for many retailers.

With such high gains to be made it is no wonder attackers don’t conduct account takeover attacks randomly. Cybercriminals know who, what, when, where and why they’re executing an attack. Our customers see up to nine out of every 10 login attempts on web and mobile being attributed to credential cracking attacks via mass automated login attempts

IT security professionals are fully aware that attackers are becoming more sophisticated, distributed and automated with each passing day. Cybercriminals have the tools needed and will silently test themselves and their kitbag against your website or web application over and over to establish benchmarks against your security measures and to ensure they avoid detection when performing the real account takeovers. But how do you protect from this?

NETACEA

The world’s most advanced Bot Management solution.

Radically different from other 'black box' solutions, Netacea is an agile and intelligent new layer of security that adapts to changing threats.

The Netacea layer of protection should be your first line of defence. It complements existing controls, such as WAF rulesets, rate limiting and threat databases.

It provides deep, actionable analysis of all internet traffic, web reconnaissance, automated bots and legitimate website visitors and manages those journeys accordingly in real time.

Please do get in touch to learn more/book a demo.

Account Takeover