Account Takeover Fraud Nearly Triples Over Past 12 Months
Bad actors and cybercriminals are always looking for ways to expand their illegal activities. The field of account takeover fraud is no exception. Statistics published by cybersecurity company Sift show that account takeover fraud attempts swelled over 280% on a year-over-year basis.
The data published covers the 12 months between the second quarters of 2019 and 2020. The ratio of attempted fraud logins against the total number of logins on e-commerce platforms also skyrocketed since the onset of the global Covid-19 pandemic. The increase here is a stunning 378%, according to the safety index report published by Sift.
The report uses data accumulated from over 30 thousand sites and apps and an additional survey conducted among US residents. E-commerce is at its strongest during the holiday season and hundreds of billions worth of revenue are generated over just a couple of months. This, of course, attracts criminals who deal in fraud and account takeovers, as people use online shopping platforms generously and often.
Sift's report states that nearly 30% of interviewees in the customer survey claim they would never again use a website or platform if they suffered an account hack on that platform. Even though consumers are very worried about their account's security, they rarely use all the tools and options at their disposal to make their account as secure as possible.
More than half of the survey respondents do not use any password manager. A quarter of those surveyed also were a victim of some sort of account hack on a platform in the past.
Attacks Focus on Quick Cash-outs and Social Networks
Unsurprisingly, the research shows that bad actors rely increasingly on automated attacks and bots. The goal of those account takeover frauds is usually a quick profit before the user has figured out something is wrong. 41% of surveyed customers had hackers make purchases with their stolen payment information, while 37% had funds stolen directly from their accounts.
The majority of account takeover fraud cases were focused on e-commerce platforms and their users. Over 60% of the polled users who were at some point victims of an account takeover reported having some sort of online shopping account stolen. The next biggest target area for stealing accounts were social media. Outside of e-commerce, social media accounted for 36% of stolen accounts, with financial service websites coming in third with 35%.