May 20, 2019

5 Account Takeover Techniques & How To Prevent It

It seems that in every Mission Impossible movie there is at least one scene where someone is impersonated in order to get something done. In fact, this seems to be a frequent subject for numerous thrillers and drama-oriented films. But what happens when fiction becomes reality? What happens when someone takes over your account and slowly drains it of all resources (i.e. money)?

What is Account Takeover and Why Should I Care?

Put in the simplest terms, account takeover occurs when cybercriminals pose as a genuine customer in order to gain control of an account and then make unauthorized transactions as if they were the genuine customer. According to Wikipedia:

“The most prominent types of account takeovers deal with credit card fraud. As opposed to stealing credit card numbers which can be changed after the user reports it lost or stolen, fraudsters prefer account takeover to maximize their return on investment. A fraudster uses parts of the victim’s identity such as an email address to gain access to financial accounts. This individual then intercepts communication about the account to keep the victim blind to any threats. Victims are often the first to detect account takeover when they discover charges on monthly statements they did not authorize or multiple questionable withdrawals.”

When these “fraudsters” or cybercriminals are judicious in their purchases (i.e. making numerous relatively small transactions over time), they can continue the account takeover undetected for extended periods of time. According to a cnbc.com article “some 15.4 million consumers were victims of identity theft or fraud last year” and “Identity theft, fraud cost consumers more than $16 billion.”

Why is account takeover so prevalent? The answer lies in how easy the different techniques employed by cybercriminals are to execute.

5 Account Takeover Techniques

Given the potential for billions of dollars in return on investment, it is no wonder cybercriminals employ a multitude of techniques to take over the accounts of unsuspecting people. The five most common (and successful) techniques include:

  1. Data Breach: is easily responsible for more Account Takeovers than any other technique. Cybercriminals have realized that they can gain access to millions of identities by breaching just one large account (e.g. Marriott, Target, etc.). With over 2 billion stolen emails and passwords in the last year, it is no wonder people should watch the use of their accounts more closely.
  2. Phishing: is the technique that provides the most information to make Account Takeovers possible. According to a CSOonline article titled “What is phishing? How this cyber attack works and how to prevent it”, “Phishing is a cyber attack that uses disguised email as a weapon. The goal is to trick the email recipient into believing that the message is something they want or need — a request from their bank, for instance, or a note from someone in their company — and to click a link or download an attachment.”
  3. Malware: is where most cybercriminals started out; specifically developing code that would take on a life of its own to gain access to restricted information. According to SearchSecurity “More sophisticated threats include polymorphic malware, which can repeatedly change its underlying code to avoid detection from signature-based detection tools, anti-sandbox techniques, which allow the malware to detect when it is being analyzed and delay execution until after it leaves the sandbox, and fileless malware, which resides only in the system's RAM in order to avoid being discovered.”
  4. Man-in-the-middle: is a creative real-time technique to hijack information while it is being used. According to CSOonline “A man-in-the-middle (MitM) attack is when an attacker intercepts communications between two parties either to secretly eavesdrop or modify traffic traveling between the two. Attackers might use MitM attacks to steal login credentials or personal information, spy on the victim, or sabotage communications or corrupt data.”
  5. SIM Swap Scam: is fundamentally a type of targeted Account Takeover fraud that exposes a specific weakness in the current binary authentication such as 2FA/MFA solutions offered by many solution providers. For a comprehensive understanding of this form of Account Takeover, check out this blog titled “SIM Swap Scam Neutralized”.

 Prevention is far superior to remediation, so what is needed is a tried and true method to prevent account takeover from actually occurring in the first place.

How To Prevent Account Takeover 

Because account takeover is one of the scariest things that can happen to anyone in the digital world, it is imperative that organizations institute controls to guard against this eventuality. This is why Acceptto has focused our intellectual property on the development and delivery of an authentication solution based on your immutable identity, specifically your biobehavioral attributes.

Acceptto’s eGuardian engine continuously creates and monitors user behavior profiles based on the user's interaction with the It’sMe authenticator. Every time an activity occurs, actionable intelligence is gathered and used to optimize the user profile. eGuardian is capable of autonomously and continually learning new policies and adapting existing ones. While policies can still be manually defined and contribute to the computation, our Biobehavioral AIML approach automatically finds the optimal policy for each transaction. eGuardian leverages a mixture of AI & ML, expert systems and SMEs to classify, detect, and model behavior, and assign real-time risk scores to continuously validate your identity prior to, during and post-authentication.

Check out what Acceptto can do to ensure your employees, partners and customers can authenticate without passwords and still ensure security and privacy by registering for a free demo today.
