In tandem with improvements in digital financial services and e-commerce, threat actors have become more creative with account takeover attacks and scams. A single click on a fraudster's lure can lead to severe identity and financial data theft. Let's take a look at how cybercriminals have sharpened their social engineering techniques to exploit online transactions since the pandemic hit.
According to Kaspersky’s research, the share of account takeover attacks increased from 34% in 2019 to 54% in 2020. Every second fraudulent transaction in the finance sector was an account takeover attack. In 12% of security incidents, adversaries exploited legitimate Remote Administration Tools (RAT) like TeamViewer to gain access to user accounts.
What is an Account Takeover attack?
An account takeover attack is a form of identity theft in which an attacker uses botnets to gain illicit access to a victim's bank and e-commerce accounts. Cybercriminals then make unauthorized purchases or fraudulent transactions from the victim's compromised account. In account takeover attacks, scammers most commonly use Credential Stuffing and Brute Forcing attacks to take over users' accounts.
The Kaspersky Fraud Prevention team found two popular methods, "the rescuer" and "the investor", by which scammers execute account takeover attacks; both involve vishing the victims.
Rescuer Technique: In this technique, fraudsters introduce themselves as employees of the largest bank in the potential victim's region and use a spoofed caller ID for incoming calls so that they appear to be calling from the real bank.
Investor Technique: In this technique, scammers impersonate employees of an investment company or an investment consultant from a bank. They offer customers a quick way to make money by investing in cryptocurrency or shares directly from the client’s account, without having to go to a bank. Attackers then ask the victims for the code they received in a text message or push notification.
How to Counter Account Takeover Attacks
Kaspersky has recommended security measures to businesses and users to protect against evolving fraud tactics. These include:
- Limit the number of attempts to conduct a transaction; cybercriminals may try several times to enter the correct credentials.
- Educate your customers on possible tricks that malefactors may use. Regularly send them information on how to identify fraud and the best way to behave in this situation.
- Conduct annual security audits and penetration tests to find security issues in a company’s network.
- Have a dedicated fraud analysis team capable of finding and analyzing the emerging methods fraudsters use.
- Implement multi-factor authentication to minimize the chance of accounts being taken over.
- Install a fraud prevention solution that can be quickly adapted for identifying new attack schemes and methods.
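As an added illustration of the first recommendation above (limiting attempts) together with the credential stuffing and brute forcing mentioned earlier, the following Python sketch is not code from Kaspersky or the article: it applies a per-source attempt limit to constructed login-audit lines and labels a source as credential stuffing or brute force at the moment it hits that limit. The log format, the five-attempts-in-five-minutes thresholds and the IP addresses are all assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample login-audit lines: "<ISO timestamp> <source IP> <account> <result>".
# 203.0.113.7 tries leaked passwords against many accounts (credential stuffing),
# 198.51.100.9 hammers a single account (brute force), 192.0.2.5 is a user who mistyped once.
SAMPLE_LOG = """\
2020-11-03T10:00:01 203.0.113.7 alice FAIL
2020-11-03T10:00:02 203.0.113.7 bob FAIL
2020-11-03T10:00:03 203.0.113.7 carol FAIL
2020-11-03T10:00:04 203.0.113.7 dave OK
2020-11-03T10:00:05 203.0.113.7 erin FAIL
2020-11-03T10:00:06 203.0.113.7 frank FAIL
2020-11-03T10:01:00 198.51.100.9 alice FAIL
2020-11-03T10:01:05 198.51.100.9 alice FAIL
2020-11-03T10:01:10 198.51.100.9 alice FAIL
2020-11-03T10:01:15 198.51.100.9 alice FAIL
2020-11-03T10:01:20 198.51.100.9 alice FAIL
2020-11-03T10:02:00 192.0.2.5 alice FAIL
2020-11-03T10:02:30 192.0.2.5 alice OK
"""

def parse_log(text):
    """Parse audit lines into (timestamp, source, account, success) tuples."""
    return [(datetime.fromisoformat(ts), src, acct, res == "OK")
            for ts, src, acct, res in (ln.split() for ln in text.splitlines())]

def recent_failures(events, src, now, window=timedelta(minutes=5)):
    """Failed attempts from `src` inside the window ending at `now` (the attempt counter)."""
    return [e for e in events if e[1] == src and not e[3] and now - window <= e[0] <= now]

def should_block(events, src, now, max_attempts=5):
    """Attempt limiter: refuse further attempts once the source has hit the limit."""
    return len(recent_failures(events, src, now)) >= max_attempts

def classify_sources(events, max_attempts=5):
    """Label each source at the moment it hits the limit: 'credential_stuffing' when the
    failures are spread over several accounts, 'brute_force' when they target one."""
    verdicts = {}
    for ts, src, _, _ in sorted(events):
        if src in verdicts or not should_block(events, src, ts, max_attempts):
            continue
        accounts = {e[2] for e in recent_failures(events, src, ts)}
        verdicts[src] = "credential_stuffing" if len(accounts) > 1 else "brute_force"
    return {src: verdicts.get(src, "ok") for _, src, _, _ in events}
```

In a real deployment the counter would key on the account as well as the source, since stuffing campaigns rotate source addresses; the per-source view here is what makes the two patterns distinguishable.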
“Bank clients always place a high value on ease of access to their accounts and performance of usual financial operations, and now this has become especially important. That is why we believe that solutions for the financial industry should provide a high level of security measures — including protection against fraud — which is seamlessly integrated into the user experience. And of course, it’s worth regularly reminding clients about fraudsters’ techniques, so that they are likely to notice something,” said Claire Hatcher, Head of business development for Kaspersky Fraud Prevention.