The Clearsale Blog

Account takeover is the biggest fraud threat U.S. consumers haven't heard of

Account takeover is the biggest fraud threat U.S. consumers haven't heard of

Account takeover fraud is a huge problem, but most US consumers don’t know about it. Only 36% of US consumers say they are familiar with account hijacking fraud, even though it’s one of the fastest growing types of online fraud. And unlike credit card fraud, a successful account takeover can often allow criminals to exploit multiple accounts belonging to the same victim. Here’s what you need to know to protect your accounts from takeover fraud.

What U.S. consumers know about online fraud

ClearSale commissioned a survey done by Sapio Research of U.S. consumers to learn about their shopping behaviors, preferences and attitudes about online fraud. Over a thousand consumers who shop online at least every few months participated. What they found is that while the majority of online shoppers are aware of credit card fraud and email phishing scams, not even half were familiar with account hijacking, also known as account takeover (ATO) fraud.

CSUS - 36% of respondents are familiar with hijacking fraud

The high level of awareness about credit card fraud makes sense. This type of fraud hit 270,000 U.S. victims in 2019, making it the most common type of consumer identity theft. Credit card theft and fraud have been trending up in the U.S. for half a decade, but there was a huge jump in reported card fraud—more than 72%--from 2018 to 2019. In many cases, credit card theft leads directly to online shopping fraud, which more than half of respondents knew about.

High levels of awareness about phishing and email scams are good, too. They’re a sign that corporate and government campaigns to educate people about phishing are working. Despite the widespread awareness among consumers, phishing has been a serious problem for years, especially for businesses and large organizations. One group of threat researchers found that the number of phishing attacks declined by 42% in 2019, but only because criminals are getting better at focusing their attacks on high-value victims. Still, some attacks impersonate familiar brand names to trick consumers into handing over their passwords, so be vigilant.

Then there’s ATO (aka hijacking) fraud. ATO fraud increased 79% from 2017 to 2018 in the U.S., and mobile phone account takeovers increased by 78% from 2018 to 2019—a disturbing trend because so many consumers have email, social media, banking and shopping apps linked to their mobile accounts. With so many of us—even fraudsters—stuck at home for health and safety reasons, online gaming account takeover fraud is growing, too.

This combination of rapid growth and low public awareness means many consumers are at risk for suffering an account takeover attack..

What exactly is account takeover fraud and what makes it so dangerous?

An account takeover happens when someone else gets access to one of your digital accounts. Credit card and bank accounts are the ones people usually think of first, but social media, email, shopping and other accounts can also get hijacked by fraudsters. Once they’re in the account, they can use it to do what they want, whether that’s make purchases online, steal information or deface someone’s social media pages.

There are at least four reasons why ATO fraud is so damaging.

  1. Thieves can get access to your funds and personal information. Even if they don’t crack your online checking account, a fraudster with access to your Facebook account may be able to shop on Facebook with the payment data you have saved there.
  2. Fraudsters can take over more of your accounts if you use the same password on them.
  3. Once a criminal has access to your accounts, they can lock you out by changing the passwords and other contact information.
  4. With enough of your personal and financial information in their control, criminals can open new accounts in your name to commit more fraud.

How does ATO happen and how can you protect yourself?

Most consumers are aware of the dangers of fraud and know to keep their passwords a secret, so how does ATO fraud happen? One major cause is out of the average person’s control, but the other is not.

Data breaches and ATO fraud

Data breaches are a huge source of passwords and other login credentials. When criminals find ways to steal data from companies and government agencies, they resell that information to other criminals, who often use it to hijack accounts. In 2019, more than 164 million records were exposed by data breaches in the U.S., and new breaches are reported every week around the world. There’s not much consumers can do about this trend, but there’s a related step that can limit the damage.

Secure passwords can limit ATO damage

If one of your shopping passwords is exposed in a breach, the fraud might be limited to that account. But most of us make it easy for fraudsters to do worse. More than 84% of us use the same password for multiple accounts. That’s like handing a skeleton key to criminals. They can test your stolen login credentials from one account with all your accounts or with common platforms to see what else they can take over.

So, the first line of defense against ATO for the average person is to use a unique, strong password on every account you have. This means you will need to use a password manager, because you won’t be able to remember then all.

You can also:

  • Consider using two-factor authentication (2FA) on your most sensitive accounts. An authenticator app is more secure than SMS 2FA.
  • Check to see if your passwords have been exposed. The Jumbo app and the Have I Been Pwned website are resources that many tech experts recommend for this purpose.
  • Regularly check your bank statements and sign up for spending alerts.
  • Be careful about following links in emails to login pages. Remember that phishing attacks can arrive via text and voice call, too.
  • Consider signing up for credit monitoring and/or putting a freeze on your credit with the three major reporting agencies.
  • Report suspicious transactions to your bank; report confirmed fraud to the authorities in your area.

Account takeover fraud is a serious and growing problem, but consumers can fight it. With good password practices, caution about unfamiliar links and calls, and regular attention to your account activity, you can reduce your risk of becoming an ATO fraud victim.

Original article at: https://technative.io/account-takeover-fraud/

You may also like

Critical Pandemic Lessons in Mobile Payment Fraud Prevention

Critical Pandemic Lessons in Mobile Payment Fraud Prevention

As the world pivoted to online shopping, work, and learning last year, the timeline for mobile usage growth jumped ahead by two to three years in the first half of 2020. Many retailers rolled out..

QR Code Payments Are Convenient, Great for Distancing, and Targets for Fraud

QR Code Payments Are Convenient, Great for Distancing, and Targets for Fraud

QR code payments have finally caught on in the U.S. after lagging behind adoption in China and other Asian markets. Why the change? The need for contactless payments brought on by the pandemic..

Advance Strategies to Eliminate Ecommerce Chargebacks

Advance Strategies to Eliminate Ecommerce Chargebacks

What can we expect e-commerce to look like throughout 2021? There's still a lot of uncertainty in the economy, but some strong trends emerged last year that merchants can build upon now as..

Not-For-Profits and Charities Are High-Risk Targets for Costly BIN-Bashing Fraud. Here’s What to Do About It

Not-For-Profits and Charities Are High-Risk Targets for Costly BIN-Bashing Fraud. Here’s What to Do About It

By Ralph Kooi, Australia Country Manager, ClearSale and Matt Humphries, Head of Sales and Marketing, Bambora

As UK Stores Target a Global Audience, Here’s What You Need to Know About Security

As UK Stores Target a Global Audience, Here’s What You Need to Know About Security

The sharp rise of eCommerce has eliminated shopping borders and it's not unusual for hackers to target stores not in their local country to avoid outing themselves.

What You Need to Know in Ecommerce

What You Need to Know in Ecommerce

The past year or so has changed how we shop and how we think. As the world changes and as consumer behaviour changes with it, as merchants we must start to ask ourselves, very seriously, will our..

A1 Retail's 2021 Buyer's Guide: The Future of Retail

A1 Retail's 2021 Buyer's Guide: The Future of Retail

The eCommerce market grew exponentially in 2020, with online retail sales surging due to the pandemic. And since eCommerce sales are expected to continue on an upward trajectory in 2021, I believe..

Businesses Need to Start to Understand the Changing Customer

Businesses Need to Start to Understand the Changing Customer

It is ever more apparent that consumer attitudes and behaviors are shaping the future of retail. To add to this, considerable disruption has taken place in retail as a result of the pandemic,..

Five Habits We Can Learn from Chess that Apply to Crisis Leadership

Five Habits We Can Learn from Chess that Apply to Crisis Leadership

Chess was the breakout game of 2020, as teens and young adults stuck at home flocked to live games by chess experts on Twitch. Between top players on social media and the popularity of the Netflix..

Want to write
for our blog?

Please review our writers' guidelines
https://www2.clear.sale/press/clearsale-guest-blog-guidelines
and then email guestwriter@clear.sale with your pitch!

Subscribe to our blog