New security offering to guard against account take overs
Data breaches caused by account take overs (ATOs) are a growing problem, partly due to people reusing passwords so that when a high profile breach -- such as the recent one at Yahoo -- occurs other accounts are put at risk.
User behavior specialist Sift Science is taking on this threat and expanding into the cyber security market with a new tool to detect ATOs.
Sift ATO Prevention assesses customer data as well as anonymized data from Sift's global network of customers to flag accounts that raise suspicions of having been taken over. Accounts are flagged using algorithms that automatically apply learning patterns from similar types of bad behavior. This makes it possible to review thousands of accounts at the same time without manual intervention.
Data taken into consideration and used to weed out ATO includes: login attempts from different devices and locations, unusual purchasing patterns, changed settings (such as shipping addresses and passwords) and multiple failed login attempts.
The product gives enterprises the power to watch for fraudulent activity and take steps to protect their users -- whether that means sending a warning email to good users or blocking criminals from accessing good accounts -- before ATO fraudsters can cause monetary or reputational damage.
"The threat landscape is changing. As we move more of our lives online, fraudsters are also flocking to account takeover (ATO), which allow them to access richer information and cause more damage -- all while flying under the radar as a legitimate, trusted user," says Bill Hodak, head of marketing at Sift Science, writing on the company’s blog. "ATO is the downstream effect of a worrying rise in massive data breaches and phishing attacks. Criminals have easy access to billions of credentials, which they systematically test on sites and apps until they find a match. The result? 48 percent of online businesses saw a rise in ATO attempts last year. Faced with this growing threat, you have to ask yourself: are you doing enough to prevent your users' accounts from being hacked?"
You can find out more and sign up for a 30-day free trial on the Sift Science website.
Photo Credit: triocean/Shutterstock