Skip to main content

Volume of account takeover attacks skyrocketed during the pandemic

security
(Image credit: Shutterstock / Song_about_summer)

In the period between April 2020, at the start of the Covid-19 outbreak, and June 2021, the number of account takeover (ATO) attempts spiked by 307 percent.

This is according to a new report from anti-fraud company Sift. Analyzing its global network of over 34,000 sites and apps, as well as conducting a survey of more than 1,000 US consumers, the company found that this attack method made up 39 percent of all fraud attempts blocked on its network in Q2 2021.

Of all the different industries, the financial services industry took the biggest hit. ATO attacks on the sector rose 850 percent between Q2 2020 and 2021, with most attacks aimed at crypto exchanges and digital wallet users.

As a result, half (49 percent) of the consumers polled for the report said they felt most at risk of ATO on financial services sites. A quarter of the victims (25 percent)  were indeed defrauded on such sites.

The report also uncovered what criminals do once they gain access to a compromised account. Instead of clearing the account immediately, they often test the stolen credentials against other services and mine the accounts for personally identifiable and confidential information.

Almost half (45 percent) of all victims eventually had their money stolen, and in 42 percent of successful ATO attacks, unauthorized purchases were made with a stored credit card.

Although lockdowns likely played a role in the sudden spike in ATO attacks, the numbers have not dwindled as vaccines roll out and people start heading back to the office.

Sead Fadilpašić

Sead is a freelance journalist with more than 15 years of experience in writing various types of content, from blogs, whitepapers, and reviews to ebooks, and many more, across sites including Al Jazeera Balkans, TechRadar Pro, IT Pro Portal, and CryptoNews.