Account takeover fraud is a growing cybercrime facing SMEs
By Puja Sharma
Fraud fighters SEON in its report, which highlights the staggering growth of account takeover fraud online. The report compiles several pieces of recent research around the worrying subject, while also providing advice on how businesses and individuals can best stand up to the challenge.
Account takeover fraud is an alarmingly common type of online crime, which can affect businesses and individuals alike. This form of attack tends to occur when a fraudster poses as an established, genuine client of a business, or as an employee, and gains control of an account under a false pretence. Once this has occurred, the fraudster is often able to leverage this access to carry out unauthorised transactions, or to steal sensitive information. In the US alone, around 24 million households have fallen victim to this form of fraud.
There is a myriad of reasons why account takeover fraud is so prevalent right now. As SEON’s report finds, social media is one of the driving forces behind the issue. Currently, more than half of all account takeovers relate to a social media account. Sadly, once a fraudster has gained access to an account like this, they can often use the access to further exploit other accounts. To this end, a study has found that 60% of account takeover victims use the same password for multiple online accounts.
In publishing its report, SEON wants to bring attention to this crucial issue, which may currently be being overlooked by businesses and individuals. That’s why the company has included several important steps that both businesses, and everyday internet users, can take to mitigate the risks of the issue. Alongside encouraging complex, unique, and varied passwords across online accounts, the report explains the importance of things like multi-factor authentication systems in stopping the problem.
Speaking on the new report, PJ Rohall, Head of Fraud Strategy & Education at SEON said, “Whether you’re a business, or a consumer, the risks of falling victim to an account takeover attack has never been higher. It’s now incredibly easy for fraudsters to get their hands on sensitive information, which can either be personally harvested or purchased on the dark web following a data leak. Sadly, this is often all fraudsters need to launch account takeover attacks on businesses or individuals.
Rohall added “When a customer experiences account takeover fraud, they often blame the merchant for the breach, even if it was the customer who unknowingly let the fraudster in. This impacts consumer trust and brand image – and can wreak havoc on customer loyalty. At SEON, we want to raise further awareness around this important issue and will continue to educate audiences about the risks through our educational guides. In doing so, we hope to give businesses and customers more confidence against account takeover attacks.”
Key findings
- Around 22% of adults in the US have been a victim of an account takeover
- Account takeover is one of the most prevalent forms of fraud affecting eCommerce businesses in 2022
- A study by Security.org shows the average successful account takeover incurs losses of around $12,000
IBSi FinTech Journal
- Most trusted FinTech journal since 1991
- Digital monthly issue
- 60+ pages of research, analysis, interviews, opinions, and rankings
- Global coverage