Bots that can launch hundreds of attacks per second are making account takeover fraud more difficult to defend against.
Modern malicious botnets can do far more than launch huge DDoS attacks: According to a new report, criminals participating in account takeover activities are using botnets to launch more than 100 of these attacks every second.
The report, published by e-commerce fraud prevention company Forter, says that between 20% and 30% of all account takeover attacks are launched by organized fraud rings, and these organized groups are seeing greater success. More than 80% of all account takeover attacks are launched by fewer than 10% of the attackers targeting the site.
Organizations that offer more services on their web sites may increase customer loyalty, but they also increase their site’s attractiveness to criminals, says the report. Loyalty programs, for example, increase their risk of account takeover attacks by as much as 200%.
As for prevention, the report points out that a focus solely on the point of transaction may be misguided, since fraud actors may well have been watching a victim’s behavior for days or weeks.