DTX Manchester DTX Manchester
  • About Us
Saturday, 16 January, 2021
IT Security Guru
CTX Manchester 2020 banner ad
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

How to avoid personal and corporate account takeovers

Identity theft is among the top cyber threats to financial services. Here's what you can do to protect yourself and your business

by Sabina
September 2, 2020
in Insight
Ben Hartwig
Share on FacebookShare on Twitter

by Ben Hartwig, web operations director at InfoTracer. 

Account takeover (ATO) is a form of online identity theft that occurs when a fraudster gains unauthorised access to someone else’s account like a bank account, loyalty account, or e-commerce account, changes information such as login credentials or the email address associated with the account and then makes unauthorized transactions by using the hacked account. In the height of the COVID-19 crisis, all forms of fraud are up, including corporate account takeover. This type of fraud is particularly attractive to criminals today because they do not have to leave home to commit the crime and to illegally benefit from it. Additionally, since they control password reset communications, they are often able to carry out continued fraudulent account activity without being detected.

This cyber threat happens on the personal and corporate levels, so businesses must be vigilant to protect themselves and their customers from this crime.

Measuring the Impact of ATO

Account takeover statistics show that as technological advances have expanded, so, too, have the number of account takeovers. The number of account takeovers has steadily increased over the last few years. Losses from ATO rose 122% from 2016 to 2017. Then, in 2018, it increased by another 164%. The number of ATOs increased from 380,000 0in 2017 to 679,000 in 2018, which included personal and corporate account takeover. Previous research predicted that losses from ATO would reach $25.6 billion (£21.6 billion) by the end of 2020, but that was before the COVID-19 situation came about.

In addition to the immediate economic impact of account takeover, this type of fraud can also wreak havoc on a person’s credit or expose corporations to data breaches that cause them to lose customers.

Common Cybersecurity Threats to Financial Services

Financial service providers should be aware of the top cybersecurity threats and implement ways to prevent them.

Web Application Attacks

Web application attacks occur when a hacker is able to exploit a weakness such as a coding vulnerability to gain direct access to databases with sensitive data. According to the Verizon 2020 Data Breach Investigations Report, web applications were a factor in most data breaches.

DDoS Attacks

A distributed denial of service (DDoS) attack disrupts legitimate web traffic of a server by overwhelming it with a flood of illegitimate web traffic.

Phishing, Stolen Credentials, and Privilege Misuse

The last four Verizon Data Breach Investigations Reports have all found the use of stolen credentials as the most common way hackers gain unauthorised access to accounts. Some of these attacks begin by sending phishing emails to customers to get them to reset their credentials, which gives the hacker access to the account login details.

Backdoors, Supply Chain Attacks, Third, Fourth, and Fifth Party Vendors

Knowing that financial service providers will likely have more stringent online security, some fraudsters target third-party or supply chain vendors that provide services to financial institutions to get through the backdoor and infiltrate your system.

Global Operational Risks

Financial service providers may be hacked by people around the globe, so It is important that they have robust protection against these attacks.

Insider Threats

Financial service providers may also be subject to attack from one of their own employees or vendors, so they must remain vigilant at all times to quickly identify any insider threats and respond to them immediately.

Evolution of Cyber Threats of the Future

Cybercriminals continue to take advantage of any security vulnerability that they come across. While multi-factor authentication is a good tool to help prevent this type of problem, hackers have been able to get past such security from Microsoft and Gmail. Some fraudsters use information from public records to send phishing emails and malware to steal passwords.

How to Prevent Corporate Account Takeover

Banks and businesses can take steps to prevent corporate account takeover, and many consumer protection laws expect them to do just this. Some of the most efficient ways to guard against ATO include:

  •  Implement strong password policies
  • Train employees on cybersecurity risks
  •  Use multi-factor authentication
  • Check suspicious contacts in publicly available data sources
  •  Use endpoint detection on workstations and servers to protect against malicious code
  •   Maintain up to date security software
  •   Limit access to sensitive data
  •   Back up regularly

Steps for Personal Account Protection

You should also take basic steps to protect your personal accounts, such as:

  • Not logging into sensitive sites while on public Wi-Fi
  •  Using updated antivirus software on all devices
  • Using unique passwords for each account
  •  Monitoring your account activity

Conclusion

As more data breaches occur, more account takeovers will, too. When criminals are able to extract a lot of information from a pool of people through a data breach, they can then begin the process of exploiting individuals. ATO is one of the fastest-growing forms of financial fraud. Consumers and financial service providers alike must do more than use a password to try to protect an account.

 

4 1 vote
Article Rating
FacebookTweetLinkedIn
Share2TweetShare
Previous Post

The cybersecurity mindset: think like a pro

Next Post

India’s Prime Minister Narendra Modi Twitter Account hacked

Subscribe
Notify of
guest
guest
0 Comments
Inline Feedbacks
View all comments

Recent News

game

400,000 customer details compromised in Resident Evil and Street Fighter gaming company ransomware attack

January 15, 2021

XSS vulnerability affects government websites

January 15, 2021

COVID-19 State of Remote Work Survey: 34% of Workers Felt Pressure to Return to the Office

January 15, 2021
CCTV used to spy

Ethics Officer Facing Cyberstalking Charge

January 15, 2021

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

More information
wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply
Privacy Settings / PENDINGGDPR Compliance

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Accept