Report: 84% of FIs Targeted by Account Takeover

Report: 84% of FIs Targeted by Account Takeover

September 2, 2021

Eighty-four percent of organizations in a recent poll of financial institutions have experienced account takeovers in the past year, according to a new report. Of those whose customers had accounts compromised, 45 percent experienced fraudulent transactions, 31 percent saw new account creations and 24 percent had funds or other kinds of value such as loyalty points transferred out of the account.

"Throughout the financial services industry, the monetary consequences of credential stuffing and successful account takeovers—both direct, and indirect—have grown beyond a basic 'cost of doing business' to become a material business risk,” said Derek Brink, vice president and research fellow for Aberdeen Strategy & Research, which conducted the survey for web app security firm Perimeter X. "Given the central role of digital credentials in the management of long-term, account-based relationships with their customers, it’s clear that addressing these risks now demands much closer attention."

According to the report, credential stuffing attacks, which provide fraudsters with validated login credentials—the raw material of account takeover attacks—have become significantly easier to automate and perform at scale. Bad actors have compiled and posted a searchable database of 3.3 billion unique username/password combos from multiple mega breaches over the years. And users make their job easier by reusing passwords at multiple sites.

Aberdeen’s quantitative analysis in the report estimated the median cost of an attack ranges from 2.7 percent to 6.4 percent of the revenue generated from financial institutions’ monthly active users.

Previous-Article-CNP  Next-Article-CNP

CNP Virtual Summit Registration


  • Share this Article:
DJ Murphy

Lastest Fraud News