A large number of cybercriminals are opting for the Account Takeover attack due to which cyberattacks are on a steep rise.
According to researchers, Account Takeover attacks have surged by 282% between Q2 2019 and Q2 2020 due to the rise in digital business and online shopping. Since the year 2018, the number of stolen credentials put up for sale on the dark web has also skyrocketed by 300%.
Online sellers of physical goods have been the worst hit by these Account Takeover Attacks. Their numbers are up by 300%.
Attacks like these make the facts evident, that people can be targeted from anywhere in the world as long as they are connected to the internet. Victims reported that their credentials have stolen from a wide range of websites, including streaming services, dating, travel, and banking sites, among others.
Some recent Account Take Over incidents
• Cybercriminals can take over industrial control systems by exploiting critical vulnerabilities in CodeMeter.
• By using legacy software for BEC attacks, threat actors are targeting email clients. While password spraying and brute-forcing are still the most common choices, some attackers takeover accounts even with MFA protocols.
• To take over cloud instances, TeamTNT has been using Weave Scope.
Especially during the pandemic, online fraud has become an integral part of our threat landscape. Instead of relying on online merchants, consumers try and take security into their own hands. Since these attacks are diverse and adaptable stakes are high when we are dealing with account takeovers.
To read more, please check eScan Blog