Report: Spike in account takeover attacks – fraudsters target fintech and crypto

Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and gain efficiencies by improving and scaling citizen developers. look now.

Sift’s latest Digital Trust and Security Index, based on its global network of more than 34,000 sites and apps and a survey of more than 1,000 consumers, details the rapid rise and evolution of takeover attacks. account control (ATO). Account takeovers are a type of identity theft in which a fraudster gains unauthorized access to an online account.

ATOs increased by 131% in the first half of 2022 compared to the same period in 2021. Despite global economic uncertainty, this massive increase indicates that fraudsters are taking advantage of businesses and consumers by launching account takeover attacks increasingly sophisticated.

Cybercriminals have specifically set their sights on the cryptocurrency market, which has seen a 79% increase in ATO attack rates. This increase in attacks is linked to recent market volatility, as fraudsters know that consumers are less likely to monitor their crypto wallets with plummeting prices.

Sift researchers have uncovered a new crypto cashout scam on Telegram in which cybercriminals work together and use hacked bank accounts connected to crypto wallets to move or launder illegally obtained funds. Fraudster A will advertise his access to stolen funds on Telegram to find another scammer who specializes in crypto account takeover and KYC bypass methods. Once they team up, Fraudster A will load these stolen funds into Fraudster B’s account. Fraudster B will transfer the embezzled funds to a stolen crypto account and then withdraw the funds to a private wallet. Once the funds are exhausted, they will split the profits.

Although the cash-out element of the scam is not new, it highlights how fraudsters work together to execute ATOs. These attacks negatively impact businesses by driving consumer losses and tarnishing brand loyalty. In fact, 43% of respondents said they would stop using a site or app altogether if their accounts were compromised by an ATO attack.

That’s why it’s imperative that organizations put the right defenses in place to protect against sophisticated attacks. Using machine learning combined with large amounts of data, fraud prevention teams can analyze thousands of different signals to stop suspicious activity before accounts are compromised.

Read the full report from Sift.

VentureBeat’s mission is to be a digital public square for technical decision makers to learn about transformative enterprise technology and conduct transactions. Discover our Briefings.

Leave a Reply

Your email address will not be published. Required fields are marked *