For merchants dealing with pervasive account takeover attacks who thought the current situation couldn’t get worse, a new report suggests the threat is still growing. In its 2022 State of Secure Identity Report, Auth0, the customer identity and access management (CIAM) unit of security management platform provider Okta, said several factors indicate that attackers are getting better at compromising customer accounts and are doing it more often.
An analysis of the Auth0 network found that in the first 90 days of 2022, fraudulent attempts accounted for nearly a quarter of all new account signups, up from 15 percent in the same period a year earlier. Online retailers were not as attractive a target for bad actors as energy/utilities and financial services, for which 66 percent and 72 percent, respectively, of new signups were fraudulent.
The report also found that credential stuffing, where fraudsters use bots to test stolen username/password combinations at scale to validate them before monetizing them, is on a record pace. The two largest credential stuffing attacks the company said it has ever witnessed happened in Q1 of 2022. Across all industries, credential stuffing accounted for 34 percent of overall traffic or authentication events on the Auth0 platform.
“Stopping today’s sophisticated credential stuffing attacks, signup attacks, MFA bypass attacks, and other identity threats and disrupting threat actor business models—while preserving an appropriate level of friction for legitimate users—is only possible by combining multiple security tools, operating at different layers, into a cohesive defensive posture,” the report’s authors wrote. “In the context of CIAM, this layered approach corresponds to employing defensive measures before and throughout the authentication workflow at the user, application, and network layers.”