Home » Security » Fraudsters target account takeovers during the COVID-19 pandemic
account takeovers 61 percent

Fraudsters target account takeovers during the COVID-19 pandemic

account takeovers : Attempted account takeovers grew by 282 percent over the last year, while ATO rates for physical eCommerce businesses — those that sell physical goods online — have jumped 378 percent since the start of the COVID-19 pandemic


The Q3 2020 Digital Trust and Safety Index released today by Sift finds that between Q2 2019 and Q2 2020, ATO attacks happened in discrete waves about a week apart, indicating that fraudsters are turning to bots and automation in order to overwhelm security.

Attacks are carried out using credentials either illicitly purchased on the dark web or obtained through techniques like credential stuffing. Hackers gain access to user accounts on a business’s website and then make purchases on that site using stored payment information or rewards points. Attackers may also export the stored information in order to commit fraud across the web.

See also: Scams, phishing and malware : 60% of emails in May and June were

But while consumers may be the immediate victim of these attacks, businesses ultimately face the real costs, in addition to reimbursing hacked customers, businesses face chargeback fees and payment network fines when ATO leads to payment fraud.

Of those respondents who have experienced an ATO, 41 percent report that payment details were stolen and used to make purchases, and 37 percent have had money taken directly from their accounts. Another 37 percent had rewards points or credits taken and used to buy goods and services.

It’s eCommerce sites that are the most popular targets for ATO attacks (61 percent) followed by Social media sites (36 percent), financial services sites (35 percent), online dating sites (22 percent) and travel sites (19 percent).

READ ALSO  Nigeria: Fearful South-East Governors 'Now Court of Law', Ban Biafra IPOB

“Businesses have been forced to adapt to an immediate shift in consumer behavior since the beginning of the global pandemic. Unfortunately, fraudsters have too,” says Jason Tan, CEO of Sift. “The surge in account takeover attacks indicates that merchants can’t leave the burden of account security to their customers. Rather, companies should treat account protection as part of the overall customer experience and as a key part of their Digital Trust and Safety strategy, which allows for seamless transactions while preventing fraud.”

The full report is available from the Sift site.

account takeovers scams , phishing malware
Cyber Attack Crime

Share This:

Leave a Reply

Your email address will not be published. Required fields are marked *



Check Also


Claims that Davido is ‘giving out free 5K Airtime and 10GB data’ is fake – NCC


endsars Lai Mohammed

Lagos State Panel Report – ‘It’s Fake News’ Says Lai Mohammed

In a live broadcast by Lai ...

Cyberchain Hackathon

Exciting time as Digital Encode rewards Cyberchain Hackathon winners, vows to raise new cyber defenders

Digital Encode has rewarded Cyberchain Hackathon ...


Digital Encode to train Journalists on Blockchain Technology

Blockchain: Digital Encode says IT media ...

WhatsApp NITDA

NITDA sets new data safety agenda

NITDA has said Nigerians online is ...

Skip to toolbar