Account takeover (ATO) attacks skyrocket, with fintech hit hard

Q2 2023 compared to Q2 2022

354%

YoY rise in ATO attacks across Sift’s global network

808%

YoY rise in ATO attacks against fintech

Increase in ATO by vertical across Sift's global network

Q2 2023 compared to Q2 2022

Loyalty

↑890%

Fintech

↑808%

Food & bev

↑485%

Crypto

↑89%

ATO-as-a-service

Fraudsters use automation to accelerate attacks

Atlantis AIO (also known as Atlantis-X) is a fraud-as-a-service credential stuffing tool, accessible via a simple link for $150 per month.

Step 1

A fraudster finds and clicks the Atlantis AIO link and pays the $150 monthly subscription fee. It’s common for users to sign up using cryptocurrency, adding a layer of anonymity to the transaction.

Step 2

Behind the paywall, the fraudster enters the stolen or purchased account credentials into the Atlantis tool, which uses automation to rapidly verify if, and where, those credentials are accurate and active.

Step 3

Login details can be entered individually or in bulk. Once credentials are either authenticated or proven defunct, the fraudster can plan the next phase of attack.

Step 4

The fraudster takes the Atlantis-authenticated data to the related website or app, quickly and easily accessing the compromised account and any funds or additional identification details protected behind it.

Top 3 sites or apps where consumers experienced ATO attacks

Digital subscriptions

Online shopping

Financial services

Consumer insights gathered on behalf of Sift by Researchscape, which polled 1,035 U.S. adults (aged 18+) in July of 2023.

Kevin Lee, Vice President of Trust and Safety at Sift

“2023 has been the year of the account takeover. We’ve seen a perfect storm of factors, from AI-fueled social engineering, the availability of fraud-as-a-service tools, and fraud influencers democratizing access to stolen accounts, leading to an ATO explosion. And while fraudsters are leveraging the most innovative tools and techniques available to steal from businesses and consumers, those businesses need to take advantage of technologies like machine learning and automation to defend against digital risk."

Image of Kevin Lee

Fraud’s impact on customer loyalty

Percent of consumers who would abandon a brand due to fraud

80% due to payment fraud

Data represents responses to multiple surveys of U.S. adults conducted by Sift between 2020–2023.

80% due to payment fraud

due to account takeover

84% due to fake or misleading content

83% due to a fraud dispute