Beyond the Breach: Account Takeover Data & Insights

Advancements in generative AI and automation tools are making it increasingly challenging to detect account breaches quickly and accurately. Fraudsters leverage GenAI to create sophisticated social engineering attacks, such as realistic phishing emails, scam texts, and scripts, as well as convincing voice and video fakes. They can also fabricate identities and documents to bypass verification processes, using deepfakes to gain access to credentials and accounts. As a result, more consumers are expressing concern over the implications of AI on the security of their accounts.

In one Fraud-as-a-Service (FaaS) scheme centered around ATO, fraudsters work together on deep web messaging platforms like Telegram—advertising tools and tactics for fellow fraudsters to hack celebrity social media accounts in order to spread malicious links. This activity shows that fraudsters have their own specialties and are learning to combine forces to amplify the success of their attacks. Some fraudsters are even launching their own illicit tools to capitalize on the democratization of fraud. One such tool for rent promises access to a variety of identity data, including data leak lookups, for a weekly fee.

The Identity Theft Tool is an easy-to-use fraud-as-a-service product marketed on Telegram that cybercriminals use to exploit compromised data. Fraudsters developed the bot to aggregate breached data from various sources, such as Intelligence X, and market it on Telegram for prices as low as $10 per week. After purchasing access, they’re able to search for individuals or corporate accounts to obtain credentials that may have been part of large-scale data breaches. The tool enables anyone with internet access to find credentials for almost anyone, including public figures and celebrities—all within minutes.

Sift’s Trust and Safety Architect team was able to seemingly validate the information of many individuals, including noteworthy public figures, by cross-referencing public information with what was discovered using the tool. Fraudsters can use this data to directly access accounts or send phishing emails and texts to obtain any missing credentials needed to log into the accounts and steal payment information. This process highlights the ease and speed with which fraudsters can access and exploit compromised data, and serves as a frightening example of the democratization of fraud and the rise of fraud-as-a-service.

Building on these foundational strategies, it’s essential to consider the next frontier in fraud prevention. Experts predict that the future of online fraud detection lies in the fusion of cybersecurity and fraud prevention, a convergence expected to revolutionize how companies combat sophisticated online threats. Research shows that nearly 70% of security leaders view ATO attacks as the greatest concern to their organizations, underscoring the urgency for innovation. As markets merge, forward-thinking organizations are integrating cybersecurity and fraud prevention teams, tools, and processes to create a unified defense against ATO threats. This cyber-fraud fusion, driven by AI-powered solutions like Sift, enables businesses to monitor user behavior across the entire journey, adapt to emerging risks, and protect both their bottom line and customer experience. By aligning resources and breaking down silos, organizations can better anticipate and counteract increasingly complex cyber-fraud schemes.

*On behalf of Sift, Researchscape International polled 1,096 adults (aged 18+) across the United States via online survey in July 2024.