By Roberto Valerio, CEO, Risk Ident
Account takeover fraud is one of the fastest-growing problems in the CNP world today. Over the past year, we at Risk Ident have noted up to a 300 percent increase in account takeover attempts on our customers. Recently, a big case of account takeover was made public when it was reported that O2 customer usernames and passwords had been obtained by fraudsters. And that’s just one example.
But, what exactly is happening when fraudsters take over user accounts? Let’s start at the beginning: personal data theft is a very common strategy among online fraudsters. Once they have stolen identity data, they can create new accounts on, for example, e-commerce sites and then begin ordering merchandise, often making a profit by reselling the delivered items.
While names, addresses and phone numbers can often be found in phone books or online, fraudsters will even go as far as to take data from announcements of death. Sometimes fraudsters will also go for the easy option and simply buy details from the dark corners of the black market online where they can find everything they need. All these techniques can give fraudsters what they want—instant access to easy, lucrative rewards. And, they can be off before anyone even knew they were there.
Hijacked User Accounts
However, account takeover attacks go beyond mere stolen identities. Fraudsters
By Signing up for the CNP Report you receive:
- Unlimited access to the entire CardNotPresent.com site
- Share your comments on articles and join the conversation
- Receive our CNP Report Newsletter