Account takeover attacks, in which an attacker gains unauthorised access to a user's account, are among the most damaging attacks a business can face, and their frequency continues to rise.
The Techniques Behind Account Takeover
Account takeover attacks always end with an online account being accessed by an attacker without the permission of the account owner, but there are a variety of tactics that an attacker can use to get there:
- Phishing
Phishing is one of the most common threats that leads to account takeover. Typically delivered via email, these attacks impersonate trusted brands to trick their targets into following links to fake login pages, unknowingly handing their credentials over to cyber criminals.
- Credential Stuffing
Attackers can easily find lists of leaked usernames and passwords online and replay those exact pairs against many other websites. Because so many people reuse the same password across services, a pair leaked from one site often works elsewhere.
- Brute-Force Hacking
One of the oldest methods of account takeover, still widely used today, is a brute-force attack in which an attacker uses an automated script to try a large number of candidate passwords against an account until one succeeds. Weak and predictable passwords make this far easier than it should be.
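The two automated attacks above leave different fingerprints in authentication logs: a brute-force attempt produces many failures against one account, while credential stuffing produces one or two attempts each against many accounts from the same source, with the occasional success marking a likely takeover. The following is an added example, not code from the original article, that runs that distinction over a constructed sample of log lines in a simple `key=value` format assumed for the example. The thresholds and the log format are assumptions, not something the article specifies.

```python
import re
from collections import defaultdict

# Constructed sample authentication log (not from the article). Addresses are
# from the documentation ranges, usernames and timestamps are made up.
SAMPLE_LOG_LINES = [
    # 12 failures against one account from one source: brute force
    f"2024-05-01T10:00:{i:02d}Z auth user=alice src=203.0.113.5 result=FAIL"
    for i in range(1, 13)
] + [
    # one attempt each against many accounts from one source: credential stuffing
    "2024-05-01T10:01:00Z auth user=bob src=198.51.100.7 result=FAIL",
    "2024-05-01T10:01:01Z auth user=carol src=198.51.100.7 result=FAIL",
    "2024-05-01T10:01:02Z auth user=dave src=198.51.100.7 result=FAIL",
    "2024-05-01T10:01:03Z auth user=erin src=198.51.100.7 result=OK",
    "2024-05-01T10:01:04Z auth user=frank src=198.51.100.7 result=FAIL",
    # ordinary successful login, should not be flagged
    "2024-05-01T10:02:00Z auth user=grace src=192.0.2.20 result=OK",
    "this line is malformed and must be skipped",
]

# Assumed log format: "<timestamp> auth user=<name> src=<ip> result=OK|FAIL"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) auth user=(?P<user>\S+) src=(?P<src>\S+) result=(?P<result>OK|FAIL)$"
)


def parse_line(line):
    """Return a dict with ts/user/src/result, or None for a line that does not match."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def analyse(lines, brute_force_threshold=10, stuffing_min_accounts=4, stuffing_max_attempts=2):
    """Classify sources and accounts in a batch of auth log lines.

    brute_force_accounts: accounts with >= brute_force_threshold failed logins.
    stuffing_sources:     sources that failed against >= stuffing_min_accounts distinct
                          accounts while trying each account at most stuffing_max_attempts
                          times (the low per-account attempt count is what separates
                          stuffing from brute force).
    likely_takeovers:     accounts that logged in successfully from a stuffing source.
    """
    fails_per_user = defaultdict(int)
    failed_users_per_src = defaultdict(set)
    attempts_per_src_user = defaultdict(int)
    successes_per_src = defaultdict(set)

    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue  # malformed lines are skipped rather than crashing the analysis
        attempts_per_src_user[(ev["src"], ev["user"])] += 1
        if ev["result"] == "FAIL":
            fails_per_user[ev["user"]] += 1
            failed_users_per_src[ev["src"]].add(ev["user"])
        else:
            successes_per_src[ev["src"]].add(ev["user"])

    brute_force = sorted(u for u, n in fails_per_user.items() if n >= brute_force_threshold)

    stuffing = []
    for src, users in failed_users_per_src.items():
        if len(users) < stuffing_min_accounts:
            continue
        most_attempts_on_one_account = max(attempts_per_src_user[(src, u)] for u in users)
        if most_attempts_on_one_account <= stuffing_max_attempts:
            stuffing.append(src)
    stuffing.sort()

    takeovers = sorted({u for src in stuffing for u in successes_per_src[src]})

    return {
        "brute_force_accounts": brute_force,
        "stuffing_sources": stuffing,
        "likely_takeovers": takeovers,
    }


if __name__ == "__main__":
    print(analyse(SAMPLE_LOG_LINES))
```

On the sample data this reports `alice` as brute-forced, `198.51.100.7` as a stuffing source and `erin` as a likely takeover; `grace` is not flagged. Per-account counters alone would miss the stuffing source entirely, which is why the source-side view matters.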
How to Prevent Account Takeover
Account takeover is a serious issue. A single compromised account, depending on what its owner has access to, can lead to data being leaked, financial theft, reputational damage and more. Compromised accounts are also increasingly used to launch lateral phishing campaigns from inside the organisation, extending the attacker's reach across the rest of the network and magnifying the business impact.
Fortunately, the risk of falling victim to this threat can be reduced significantly by following these five key steps:
- Strengthen Your Passwords
Everyone is aware of the importance of strong and secure passwords, yet many people continue to ignore the risk. As recently as 2020, the five most common passwords still included '123456' and 'password'.
Tools such as password managers make it much easier for businesses to enforce strong, unique passwords across the organisation, and a unique password per site is what stops a breach elsewhere from turning into credential stuffing against your own accounts.
- Limit Log-Ins
Allowing only a limited number of login attempts before an account is locked stops attackers from cycling through password guesses against it, significantly reducing the likelihood of a successful brute-force attack. Note that a per-account lockout does little against credential stuffing, which makes only one or two attempts per account, so throttle by source address as well, and be aware that an attacker can deliberately trigger lockouts to deny users access to their own accounts.
- Implement Multi-Factor Authentication
MFA is becoming one of the most common tools for protecting accounts from unauthorised access. After a user has entered the correct password, the service requires an additional one-time code, most commonly sent to the email address or phone number already linked to the account, or generated by an authenticator app. This means that even if an attacker possesses the correct username and password, they would also need access to the user's email account or mobile device to log in. Codes sent by SMS or email can still be phished or intercepted, so where possible prefer authenticator apps or hardware security keys, which are harder to capture.
- Identify Threats with AI-Based Email Defence
Static email policies can be tricked into treating account takeover attempts, whether they rely on brand impersonation or lateral phishing, as legitimate mail. An inbox defence solution that uses artificial intelligence and machine learning can apply behavioural analysis to flag unusual requests, suspicious language, or domains not associated with the brand being impersonated.
Find out more about AI Email Defence >>
- Teach User Awareness
Employees are often the last line of defence against account takeover, so educating them on the signs and symptoms of a compromised account is essential. Training tools that show realistic account takeover interactions or phishing emails help them protect their online identity and avoid social engineering tricks.
Find out more about User Awareness Training >>
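The "Limit Log-Ins" and "Implement Multi-Factor Authentication" steps above fit together in a single login check, shown here as an added example that is not code from the original article. It uses standard-library PBKDF2 for password storage and an authenticator-app style TOTP (RFC 6238, verified with RFC 4226 HOTP) as the second factor rather than the emailed or texted code the article mentions; the lockout limit of 5 attempts, the 15-minute lockout, the one-step clock-drift window and the `Account` class are all assumptions of this example. The TOTP secret in the usage note is the RFC 6238 test-vector secret, so the expected code is known.

```python
import hashlib
import hmac
import os
import struct

# Assumed policy values for this example, not figures from the article.
MAX_FAILED_ATTEMPTS = 5      # failures (password OR second factor) before lockout
LOCKOUT_SECONDS = 15 * 60    # how long the account stays locked
TOTP_STEP = 30               # seconds per TOTP time step
TOTP_WINDOW = 1              # accept codes one step either side for clock drift


def hash_password(password, salt=None, iterations=100_000):
    """PBKDF2-HMAC-SHA256 with a random salt; returns (salt, derived_key)."""
    salt = salt if salt is not None else os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def hotp(secret, counter, digits=6):
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{code % 10 ** digits:0{digits}d}"


def totp(secret, now):
    """RFC 6238 TOTP: HOTP over the current 30-second time step."""
    return hotp(secret, int(now // TOTP_STEP))


def verify_totp(secret, otp, now):
    """Return the matching time-step counter, or None if the code is not valid."""
    if otp is None:
        return None
    base = int(now // TOTP_STEP)
    for counter in range(base - TOTP_WINDOW, base + TOTP_WINDOW + 1):
        if hmac.compare_digest(hotp(secret, counter).encode(), otp.encode()):
            return counter
    return None


class Account:
    """Minimal in-memory account record (assumed for the example)."""

    def __init__(self, username, password, totp_secret):
        self.username = username
        self.salt, self.pw_hash = hash_password(password)
        self.totp_secret = totp_secret
        self.failed_attempts = 0
        self.locked_until = 0.0
        self.last_totp_counter = None   # highest TOTP step already accepted


def _record_failure(account, now, verdict):
    account.failed_attempts += 1
    if account.failed_attempts >= MAX_FAILED_ATTEMPTS:
        account.locked_until = now + LOCKOUT_SECONDS
        return "LOCKED"
    return verdict


def attempt_login(account, password, otp, now):
    """Returns one of: LOCKED, BAD_PASSWORD, BAD_OTP, OK."""
    # 1. Lockout is checked first so a locked account cannot be probed at all.
    if now < account.locked_until:
        return "LOCKED"
    if account.locked_until:
        account.locked_until = 0.0      # lock expired: start the counter afresh
        account.failed_attempts = 0

    # 2. Password, compared in constant time on the derived key.
    _, candidate = hash_password(password, account.salt)
    if not hmac.compare_digest(candidate, account.pw_hash):
        return _record_failure(account, now, "BAD_PASSWORD")

    # 3. Second factor. A correct password alone never logs the user in, and
    #    OTP failures count towards the lockout, otherwise a 6-digit code is
    #    itself brute-forceable.
    counter = verify_totp(account.totp_secret, otp, now)
    already_used = account.last_totp_counter is not None and counter is not None \
        and counter <= account.last_totp_counter
    if counter is None or already_used:
        return _record_failure(account, now, "BAD_OTP")

    account.failed_attempts = 0
    account.last_totp_counter = counter  # each code is accepted exactly once
    return "OK"


if __name__ == "__main__":
    secret = b"12345678901234567890"   # RFC 6238 test-vector secret
    acct = Account("alice", "correct horse battery staple", secret)
    print(attempt_login(acct, "correct horse battery staple", None, now=59))      # BAD_OTP
    print(attempt_login(acct, "correct horse battery staple", "287082", now=59))  # OK
```

With the RFC 6238 test secret the code at time 59 is `287082`, so the stolen-password-only attempt fails, the full attempt succeeds, and replaying the same code is refused. Because the second factor failures feed the same counter, an attacker holding the password still gets only a handful of OTP guesses before the account locks.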