Account takeover is considered one of the more harmful and nefarious ways to access a user’s account. The attacker typically poses as a genuine customer, user, or employee, eventually gaining entry to the accounts of the individual they’re impersonating. Scarier yet, user credentials can be sourced from the deep web and matched against e-commerce sites with the help of bots and other automated tools for quick and easy entry. Fitbit even fell victim to this type of attack in 2015. Hackers employed a two-pronged approach, exposing log-in details to customers’ FitBit accounts, changing the email they registered with, and then calling up customer support with a complaint about the device so that they could get a replacement under their warranty.

What you need to know

Rather than stealing the card or credentials outright, account takeover is more surreptitious, allowing the attacker to get as much use out of the stolen card as possible before being flagged for suspicious activity. Banks, major marketplaces, and financial services like PayPal are common targets, and any website that requires a login is susceptible to this type of attack.

How the attack happens

Some of the most common methods include proxy-based “checker” one-click apps, brute force botnet attacks, phishing, and g and malware. Other methods include dumpster diving to find personal information in discarded mail, and outright buying lists of “Fullz,” a slang term for full packages of identifying information sold on the black market. Once the profile of the victim is purchased or built, an identity thief can use the information to defeat a knowledge-based authentication system.

 Where does the attack come from

An enormous volume of our transactions — financial and otherwise — take place online. For cybercriminals, acquiring account credentials and personal information (like social security numbers, home addresses, phone numbers, credit card numbers, and other financial information) is a lucrative business, whether they choose to sell the acquired information or use it for their gain. As such, these kinds of attacks can originate anywhere in the world.