A recent study that named account takeover (ATO) fraud as the most prevalent attack type targeting merchants and banks was backed up this week by data points from two additional research reports. Why are fraudsters targeting online accounts so often and with such success? The answer: more data breaches than ever before and increasing vulnerability via email.
According to cybersecurity firm Splunk in its State of Security 2022, nearly half of all companies report having suffered a data breach over the past two years, up from 39 percent in 2019. The company attributes the increase to the difficulty of attracting talent to cybersecurity roles—a problem that existed before the pandemic but has been exacerbated by the “Great Reshuffling.” More breaches result in more raw material for fraudsters to leverage in ATO attacks. From Splunk’s perspective, automation could help.
“One positive sign is that over two-thirds (67 percent) of organizations are actively investing in technologies designed for advanced analytics and security operations automation,” said Jane Wong, the company’s vice president of Security Products. “Automation is critical to help reduce the time it takes to respond to attacks, and these technologies should focus on assisting our human analysts, not replacing them.”
A separate report from threat intelligence solutions provider Cyren included account takeover as one of the most prevalent email-borne security threats, especially for companies using Microsoft 365. In its 2022 Benchmarking Survey, the company found that while phishing is the most common breach type, with 69 percent of organizations experiencing at least one successful phishing breach during the past 12 months, Microsoft 365 account takeovers happen more often. An average of 14.5 Microsoft 365 login credential exposures took place per organization in the previous 12 months.