Account Takeover Protection

Threat Series

Numerous reports online indicate that Account Takeover Attacks (ATOs) skyrocketed 300% during the pandemic, with no sign of this trend abating. ATO attacks are on the rise because they require a low level of sophistication, and they remain a profitable tool in the cybercriminal’s arsenal. CISOs and business leaders need to think differently about how to protect their organizations and assets in this increasingly dynamic cyber threat environment.

A recent Aberdeen Group report found that 84% of financial institutions experienced ATO-type attacks in the past year, and that these attacks can cost up to 8.3% of their annual revenue. According to a report by Juniper Research, online payment fraud will cost eCommerce merchants over $52 billion by 2025. This trend tracks with Microsoft’s recent report that the adoption of MFA remains low, with the increase in ‘Zelle Fraud’, and ultimately with the prevalence of weak and compromised credentials.

ATO attacks are a huge reputational risk for businesses in the finance industry, but that risk pales in comparison to customers losing their entire life savings.

Why ATO Attacks Are Successful

ATO attacks depend on credentials recovered from the dark web and public breach data to be successful, and often their use goes unnoticed by businesses. The Identity Theft Resource Center’s 2021 Data Breach Report indicates that 2021 was a record year, with breaches up 68% from the previous year. Such breaches result in vast amounts of personally identifiable information (PII), payment card numbers, and usernames and passwords being available on the internet.

In addition, cybercriminals know that consumers reuse the same password for multiple accounts on the internet. According to one Google survey, upwards of 52% of respondents indicated that they reuse the same passwords. From a hacker’s standpoint, reused credentials mean that passwords that work on one website have a likelihood of working on others, leading to a successful account takeover.

Another reason that ATO attacks are so effective is that hackers launch them in stealth mode. Like the Beastie Boys song of the same name, fraudsters use bots to carry out their attacks ‘slow and low’, often flying under the radar without being detected. Often these attacks are performed through proxy services distributed across the globe that obscure the attacker’s location. These attacks are automated, making them easy to scale yet difficult to detect.

Even when the success rate of ATO attacks is in the low single digits, they are conducted on a global scale, which makes them pervasive and dangerous to businesses. A single-digit success rate applied to a very large number of attempts still yields a very large number, which means that ATO attacks are profitable and will not disappear anytime soon.


Stop ATO Attacks with CredVerify

CredVerify is a credential verification service that helps organizations detect compromised credentials before hackers do. VeriClouds uses the same data attackers do, proactively monitoring the dark web and systematically reducing user‑centric risk. VeriClouds provides the best approach to eliminate the biggest cause of massive data breaches, the weak and/or stolen password.

With over 81% of data breaches involving weak or stolen credentials, having a solution that proactively detects and remediates this problem is no longer optional. To proactively detect threats before they can do damage, you need a solution that quickly identifies when credentials have been compromised or reused and acts on that insight in real time. By automating the detection of and response to known leaked credentials, CredVerify can minimize the risks and costs incurred from credential stuffing attacks and data breaches.
