Report: Account Takeover is the New Black
April 2, 2015
While news of retail data breaches that compromised customers’ payment-card information dominated 2014, toward the end of the year and into 2015, the companies and information targeted by hackers shifted. The most publicized breaches of the new year have targeted insurers Anthem and Premera and resulted mainly in the theft of information like names, email addresses, SSNs, etc. The information being stolen, according to a new report from NuData Security, is indicative of a growing threat: fraudsters taking over online accounts rather than stealing payment card details and making fraudulent transactions. And, in many ways, said Ryan Wilk, NuData’s director of customer success, account takeover is more insidious than its older cousin.
"Fraudsters are moving away from credit cards because the value’s just not there," Wilk told CardNotPresent.com. "It’s like any other business. If you want to create real value with what you’re doing, you need to have a constant revenue stream. U.S. e-commerce sales are continuing to rise, but CNP losses are continuing to rise right along with that and you have to ask yourself why."
Wilk said fraudsters are attacking the process "upstream" at the account login level, while many of the best fraud-prevention tools are only looking at the transaction. NuData has found a significant recent surge in login attacks. Over the past 90 days, NuData’s clients have experienced a 112 percent increase in scripted login attacks aimed at account takeover compared to the same three-month period last year.
A quick look at what information is fetching on the black market tells you all you need to know about what is important to fraudsters, Wilk said.
"Right after a breach, a credit card is pretty valuable. It’s about $45," he noted. "But about two months after that it goes to around 50 cents. In that time the validity of that card goes down to less than 50 percent valid. But we’re finding username and password data is holding its value. Even if a login gets changed you still have that really deep knowledge of what usernames exist within different environments. The information can be used to leverage other opportunities."