Account takeover (ATO) is a form of online identity theft where a third party illegally accesses a victim’s online account to turn a profit by changing account details, making purchases, and leveraging the stolen information to access other accounts.
ATOs are among the most significant cybersecurity threats to both businesses and consumers, costing an estimated USD 4 billion in 2018.
Successful ATOs targeting banking, e-commerce, travel, insurance, and retail industries have increased in recent years. These typically fall under one of four common ATO fraud scenarios:
Credential cracking: This occurs when a bad actor obtains a victim’s username or email address. These are fairly easy to obtain because people often use their email address in multiple places and frequently reuse the same username on multiple websites. To get into the account, a malicious hacker uses bots to automatically try combinations of the most commonly used passwords and general phrases until one succeeds.
Credential stuffing: This is one of the most common attacks and it’s currently on the rise. In this scenario, bad actors gain access to a large number of stolen usernames and passwords. Then they use a bot attack to automate the process of trying out these stolen credentials by “stuffing” them into multiple websites—this is often successful because many people use the same username and password for various sites. Once they gain access, the criminal will then make purchases, use loyalty points, and/or transfer funds to other accounts.
Password spray: Unlike credential cracking and credential stuffing, which affect known users and their passwords, this method focuses on unknown users in an effort to circumvent common ATO prevention measures. Here, a bad actor targets select websites by using a bot attack to make multiple login attempts using common or known usernames like “password123” or “123456.” If the login fails, they’ll try again using another account name, since this method typically triggers a lockout after three to five failed attempts.
SIM swap attack: This occurs when malicious hackers use social engineering techniques to take advantage of a legitimate service to swap out a user’s SIM card. By taking over a victim’s phone, hackers are then able to intercept authentication codes and validate fraudulent transactions.
Signs that an account takeover may be in progress include:
Irregular spikes in login attempts.
Increased failed login counts.
Spikes in account locks.
Reports of fraudulent emails or SMS messages sent from someone posing as a legitimate entity.
Customer complaints about unauthorized fund movement.
Mismatched TCP and HTTP signatures.
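As an added example (not code from this page or from Dynamics 365 Fraud Protection), the Python below scans a constructed authentication log for the login-side signals listed above: a password-spray source that touches many accounts while keeping each under the lockout threshold, a source that hammers one account until it locks, and the resulting account locks. The log format, the threshold values and the IP addresses are assumptions for the example.

```python
# Added example (not from the page): flag the ATO signals the page lists
# in a constructed auth log. Log format and thresholds are assumptions.
from collections import defaultdict

# Constructed sample log lines: "timestamp source_ip username outcome"
SAMPLE_LOG = """\
2024-05-01T10:00:01 203.0.113.9 alice fail
2024-05-01T10:00:02 203.0.113.9 bob fail
2024-05-01T10:00:03 203.0.113.9 carol fail
2024-05-01T10:00:04 203.0.113.9 dave fail
2024-05-01T10:00:05 203.0.113.9 erin fail
2024-05-01T10:00:06 203.0.113.9 frank success
2024-05-01T10:01:00 198.51.100.7 alice fail
2024-05-01T10:01:01 198.51.100.7 alice fail
2024-05-01T10:01:02 198.51.100.7 alice fail
2024-05-01T10:01:03 198.51.100.7 alice lockout
2024-05-01T10:02:00 192.0.2.44 grace success
"""

LOCKOUT_THRESHOLD = 3   # assumed policy: lock after 3 failures (page says 3-5)
SPRAY_MIN_ACCOUNTS = 5  # assumed: one source touching >= 5 distinct accounts

def parse_log(text):
    """Return (ip, user, outcome) tuples, one per non-empty log line."""
    return [tuple(line.split()[1:]) for line in text.splitlines() if line.strip()]

def detect_ato_signals(events):
    """Map each source IP to the ATO signals its traffic triggered."""
    fails = defaultdict(lambda: defaultdict(int))  # ip -> user -> failed logins
    lockouts = defaultdict(int)                    # ip -> lockouts it caused
    for ip, user, outcome in events:
        if outcome == "fail":
            fails[ip][user] += 1
        elif outcome == "lockout":
            lockouts[ip] += 1
    signals = defaultdict(list)
    for ip, per_user in fails.items():
        # Password spray: many accounts, each kept under the lockout threshold
        if len(per_user) >= SPRAY_MIN_ACCOUNTS and max(per_user.values()) < LOCKOUT_THRESHOLD:
            signals[ip].append("password_spray")
        # Credential cracking/stuffing: one account hammered up to the threshold
        if any(n >= LOCKOUT_THRESHOLD for n in per_user.values()):
            signals[ip].append("credential_cracking")
    for ip in lockouts:
        signals[ip].append("account_lockout")   # spike in account locks
    return dict(signals)

if __name__ == "__main__":
    print(detect_ato_signals(parse_log(SAMPLE_LOG)))
```

In production the same counts would be taken per time window so that a baseline-relative spike, not an absolute count, raises the alert.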
Bad actors employ a number of strategies to obtain the information they need to perform an account takeover. These include:
Phishing: Here criminals typically create a false sense of urgency by compelling a user to open or click on an email. It then redirects them to a fake website that’s identical, or nearly identical, to their financial institution where their account credentials are stolen.
Malware: This is both common and difficult to detect. Malware is malicious software installed on a victim’s computer by a bad actor that captures the user’s information through keystroke logging or redirection to a fraudulent website.
Man-in-the-middle attack: This happens when a malicious hacker positions themselves between the victim and the institution they’re attempting to contact. Then the criminal uses a rogue access point to intercept the customer’s data to gain access to their account. Mobile banking apps can be particularly vulnerable to this kind of attack if proper security measures aren’t in place.
While certain industries are more common targets of account takeover attacks, any company that has a user account or membership system is vulnerable.
ATO attacks are among the most damaging cyber threats your organization faces. Without ATO prevention, these attacks threaten not only your revenue but also your reputation, which may result in a loss of trust from your customers.
The good news is there are precautions organizations can take to mitigate the risk of account takeover fraud in an increasingly mobile world.
In order to reduce incidents of account takeover, organizations should implement a fraud prevention strategy that includes:
Implementing a bot detection solution to identify visitor behavior through analysis of technical and behavioral data.
Providing multi-factor authentication (MFA) options for all accounts.
Monitoring cybercriminal underground activity targeting your organization.
Encouraging customers to use a password manager to set a unique, strong password for every one of their online accounts.
The account takeover detection and prevention platform your organization uses should keep pace with the increasingly sophisticated cyberattacks targeting your business. And when it comes to purchase, account, and loss prevention, ATO technology is critical in order to increase fraud awareness and improve customer experiences.
With that in mind, when evaluating your ATO protection options, be sure to look for one that includes:
Adaptive AI technology
Account sign-in protection
Business intelligence reporting
An enhanced loss prevention system
Microsoft Dynamics 365 Fraud Protection can help online retailers diagnose transactions, detect bot traffic, evaluate fraud potential, and protect businesses with customizable rules to obtain recommendations for online transaction decisions.