Year after year, we see the devastating global effects of rapidly increasing account takeover attacks (ATOs). SIM swap attacks, which are a common account takeover tactic, are leading the charge. According to ooftyadvisory.com, in today’s US enterprise market, SIM swap attacks cost individuals and businesses over 100 million dollars per year.
Typically, ATOs are highly targeted and aim at financial gain on a financial platform. However, this type of fraud is not exclusively linked to financial platforms. ATO is rapidly expanding to e-Commerce, social media, and many other platforms.
So why now? What’s behind this increase in account takeovers?
Data breaches: a mass driver of ATO
Data breaches are a huge problem in today’s world, which has experienced rapidly increasing digitalization over the last few years. Your personally identifiable information (PII) could end up somewhere on the dark web, which is a never-ending data lake for identity theft.
Having all these dark sources of data unfortunately increases the likelihood of becoming an ATO victim. When you factor in social engineering skills, threats, malware, phishing, and smishing, the risks become even more pronounced.
Phone number ATO via SIM swap
Another aspect of account takeover that needs to be addressed is phone number ATO. With a SIM swap, fraudsters try to gain control of a phone number on one of their own devices so that they can intercept every communication and verification code sent to that number. In various markets, data from the mobile network can tell you when the last SIM swap or porting event for a particular phone number took place.
Some markets have stringent rules about performing a port-out or SIM swap, but these are often bypassed with social engineering. A SIM swap or e-SIM swap is a change within the same mobile network, while porting moves the number from one network to another. As many networks transition to e-SIM technology, the full impact of this shift on fraud is not yet clear. Time will tell.
The effect of ATO on businesses and their customers
These types of account takeovers are not exclusively linked to a password reset or account change flow. This attack vector can appear anywhere in the customer's journey.
So how can you tell when changes are needed?
As soon as your platform detects one or more signals indicating a potential change or addition to customer account data, it's imperative to enhance your security measures. These signals could be one or more of the following:
- Change in IP address
- Change in device ID
- Change in account settings
- Change in behavioral characteristics of the consumer
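As an added illustration (not Telesign's code or any real product API), here is a small Python policy that combines the four signals above with the SIM swap recency data mentioned earlier to decide whether to allow a request, step up verification, or hold it; the carrier lookup, thresholds, and channel names are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional
SIM_SWAP_LOOKBACK = timedelta(days=7)  # assumed policy: a swap/port this recent makes SMS codes untrustworthy
STEP_UP_THRESHOLD = 2                  # assumed policy: changed signals needed before stepping up

@dataclass
class AccountProfile:  # what the platform already knows about the customer
    known_ips: set
    known_device_ids: set
    behavior_bucket: str  # simplified behavioral fingerprint, e.g. usual login hours
    last_sim_change: Optional[datetime] = None  # from a hypothetical carrier lookup; None if unknown

@dataclass
class SessionContext:  # what is observed on the current request
    ip: str
    device_id: str
    behavior_bucket: str
    settings_changed: bool = False

def changed_signals(profile, ctx):
    """Which of the four signals listed above differ from the known profile."""
    checks = [("ip_change", ctx.ip not in profile.known_ips),
              ("device_change", ctx.device_id not in profile.known_device_ids),
              ("settings_change", ctx.settings_changed),
              ("behavior_change", ctx.behavior_bucket != profile.behavior_bucket)]
    return [name for name, changed in checks if changed]

def decide(profile, ctx, now, sensitive_action=False):
    """Return (decision, allowed verification channels, reasons); decision is allow, step_up or block."""
    reasons = changed_signals(profile, ctx)
    recent_sim = profile.last_sim_change is not None and now - profile.last_sim_change <= SIM_SWAP_LOOKBACK
    if recent_sim:
        reasons.append("recent_sim_change")
        if sensitive_action:  # whoever now holds the number would receive an SMS code: hold for review
            return "block", [], reasons
        return "step_up", ["authenticator_app", "email"], reasons  # never through the swapped number
    if len(reasons) >= STEP_UP_THRESHOLD or (reasons and sensitive_action):
        return "step_up", ["authenticator_app", "sms_otp"], reasons
    return "allow", [], reasons

def sample_scenarios():  # constructed sample data: normal login, new device, reset right after a SIM swap
    now = datetime(2024, 5, 1, 12, 0, tzinfo=timezone.utc)
    profile = AccountProfile({"203.0.113.10"}, {"dev-A"}, "weekday_daytime")
    swapped = AccountProfile({"203.0.113.10"}, {"dev-A"}, "weekday_daytime", now - timedelta(days=2))
    usual = SessionContext("203.0.113.10", "dev-A", "weekday_daytime")
    new_device = SessionContext("198.51.100.7", "dev-B", "weekday_daytime")
    return {"usual_login": decide(profile, usual, now),
            "new_device_and_ip": decide(profile, new_device, now),
            "password_reset_after_sim_swap": decide(swapped, usual, now, sensitive_action=True)}
```

The point of the recent-swap branch is that a one-time code sent over SMS cannot prove anything about the customer when the number itself may have just been hijacked, so verification has to move to a channel the attacker does not control.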
ATO is expanding, but that doesn’t mean it has to harm your company or customers. If you’re interested in learning more about all things account takeover, and how you can fight back, talk with the experts at Telesign today.