Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 28 May, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

How to avoid personal and corporate account takeovers

Identity theft is among the top cyber threats to financial services. Here's what you can do to protect yourself and your business

by Sabina
September 2, 2020
in Insight
Ben Hartwig
Share on FacebookShare on Twitter

by Ben Hartwig, web operations director at InfoTracer. 

Account takeover (ATO) is a form of online identity theft that occurs when a fraudster gains unauthorised access to someone else’s account like a bank account, loyalty account, or e-commerce account, changes information such as login credentials or the email address associated with the account and then makes unauthorized transactions by using the hacked account. In the height of the COVID-19 crisis, all forms of fraud are up, including corporate account takeover. This type of fraud is particularly attractive to criminals today because they do not have to leave home to commit the crime and to illegally benefit from it. Additionally, since they control password reset communications, they are often able to carry out continued fraudulent account activity without being detected.

This cyber threat happens on the personal and corporate levels, so businesses must be vigilant to protect themselves and their customers from this crime.

Measuring the Impact of ATO

Account takeover statistics show that as technological advances have expanded, so, too, have the number of account takeovers. The number of account takeovers has steadily increased over the last few years. Losses from ATO rose 122% from 2016 to 2017. Then, in 2018, it increased by another 164%. The number of ATOs increased from 380,000 0in 2017 to 679,000 in 2018, which included personal and corporate account takeover. Previous research predicted that losses from ATO would reach $25.6 billion (£21.6 billion) by the end of 2020, but that was before the COVID-19 situation came about.

In addition to the immediate economic impact of account takeover, this type of fraud can also wreak havoc on a person’s credit or expose corporations to data breaches that cause them to lose customers.

Common Cybersecurity Threats to Financial Services

Financial service providers should be aware of the top cybersecurity threats and implement ways to prevent them.

Web Application Attacks

Web application attacks occur when a hacker is able to exploit a weakness such as a coding vulnerability to gain direct access to databases with sensitive data. According to the Verizon 2020 Data Breach Investigations Report, web applications were a factor in most data breaches.

DDoS Attacks

A distributed denial of service (DDoS) attack disrupts legitimate web traffic of a server by overwhelming it with a flood of illegitimate web traffic.

Phishing, Stolen Credentials, and Privilege Misuse

The last four Verizon Data Breach Investigations Reports have all found the use of stolen credentials as the most common way hackers gain unauthorised access to accounts. Some of these attacks begin by sending phishing emails to customers to get them to reset their credentials, which gives the hacker access to the account login details.

Backdoors, Supply Chain Attacks, Third, Fourth, and Fifth Party Vendors

Knowing that financial service providers will likely have more stringent online security, some fraudsters target third-party or supply chain vendors that provide services to financial institutions to get through the backdoor and infiltrate your system.

Global Operational Risks

Financial service providers may be hacked by people around the globe, so It is important that they have robust protection against these attacks.

Insider Threats

Financial service providers may also be subject to attack from one of their own employees or vendors, so they must remain vigilant at all times to quickly identify any insider threats and respond to them immediately.

Evolution of Cyber Threats of the Future

Cybercriminals continue to take advantage of any security vulnerability that they come across. While multi-factor authentication is a good tool to help prevent this type of problem, hackers have been able to get past such security from Microsoft and Gmail. Some fraudsters use information from public records to send phishing emails and malware to steal passwords.

How to Prevent Corporate Account Takeover

Banks and businesses can take steps to prevent corporate account takeover, and many consumer protection laws expect them to do just this. Some of the most efficient ways to guard against ATO include:

  •  Implement strong password policies
  • Train employees on cybersecurity risks
  •  Use multi-factor authentication
  • Check suspicious contacts in publicly available data sources
  •  Use endpoint detection on workstations and servers to protect against malicious code
  •   Maintain up to date security software
  •   Limit access to sensitive data
  •   Back up regularly

Steps for Personal Account Protection

You should also take basic steps to protect your personal accounts, such as:

  • Not logging into sensitive sites while on public Wi-Fi
  •  Using updated antivirus software on all devices
  • Using unique passwords for each account
  •  Monitoring your account activity

Conclusion

As more data breaches occur, more account takeovers will, too. When criminals are able to extract a lot of information from a pool of people through a data breach, they can then begin the process of exploiting individuals. ATO is one of the fastest-growing forms of financial fraud. Consumers and financial service providers alike must do more than use a password to try to protect an account.

 

FacebookTweetLinkedIn
Share2Tweet
Previous Post

The cybersecurity mindset: think like a pro

Next Post

India’s Prime Minister Narendra Modi Twitter Account hacked

Recent News

SnapDragon Monitoring scam advice

Tips to Protect Against Holiday and Airline Scams

May 25, 2023
Access Segmentation & Encryption Management from MyCena

New security model launched to eliminate 95% of cyber breaches

May 25, 2023
KnowBe4 Helps Organisations Battle QR Code Phishing Attacks With New Tool

KnowBe4 Helps Organisations Battle QR Code Phishing Attacks With New Tool

May 25, 2023
Purple Logo, capitalised letters: SALT.

Salt Security Uncovers API Security Flaws in Expo Framework, Issues have been Remediated

May 24, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information