Home » Security » Fraudsters target account takeovers during the COVID-19 pandemic
account takeovers 61 percent

Fraudsters target account takeovers during the COVID-19 pandemic

account takeovers : Attempted account takeovers grew by 282 percent over the last year, while ATO rates for physical eCommerce businesses — those that sell physical goods online — have jumped 378 percent since the start of the COVID-19 pandemic

The Q3 2020 Digital Trust and Safety Index released today by Sift finds that between Q2 2019 and Q2 2020, ATO attacks happened in discrete waves about a week apart, indicating that fraudsters are turning to bots and automation in order to overwhelm security.

Attacks are carried out using credentials either illicitly purchased on the dark web or obtained through techniques like credential stuffing. Hackers gain access to user accounts on a business’s website and then make purchases on that site using stored payment information or rewards points. Attackers may also export the stored information in order to commit fraud across the web.

See also: Scams, phishing and malware : 60% of emails in May and June were

But while consumers may be the immediate victim of these attacks, businesses ultimately face the real costs, in addition to reimbursing hacked customers, businesses face chargeback fees and payment network fines when ATO leads to payment fraud.

Of those respondents who have experienced an ATO, 41 percent report that payment details were stolen and used to make purchases, and 37 percent have had money taken directly from their accounts. Another 37 percent had rewards points or credits taken and used to buy goods and services.

It’s eCommerce sites that are the most popular targets for ATO attacks (61 percent) followed by Social media sites (36 percent), financial services sites (35 percent), online dating sites (22 percent) and travel sites (19 percent).

READ ALSO  Internet, Mobile Inhibiting Military Show-Of-Force In Eastern Nigeria?

“Businesses have been forced to adapt to an immediate shift in consumer behavior since the beginning of the global pandemic. Unfortunately, fraudsters have too,” says Jason Tan, CEO of Sift. “The surge in account takeover attacks indicates that merchants can’t leave the burden of account security to their customers. Rather, companies should treat account protection as part of the overall customer experience and as a key part of their Digital Trust and Safety strategy, which allows for seamless transactions while preventing fraud.”

The full report is available from the Sift site.

account takeovers scams , phishing malware
Cyber Attack Crime

Leave a Reply

Your email address will not be published. Required fields are marked *



Check Also

access bank

Access Bank denies hacker Ihebuzo Chris exposes 2000 customers’ data

Access Bank Plc  says it is ...

office 365 attack

Office 365: New phishing attack tries to steal credentials via Box

Office 365 new phishing attack: Researchers ...

UNILAG postgraduate student charged for allegedly defrauding Konga

UNILAG postgraduatestudent, Aniekan Charles Ekong has ...

July 2020’s Most Wanted Malware: Emotet Strikes Again After Five-Month Absence

Emotet: Check Point Research finds sharp ...

Email attacks: Criminals bypass multi-factor authentication to hijack email accounts

Email attacks: Researchers at Abnormal Security ...