This alert may not be shared outside your organization, Do Not Repost or send, place on other websites, List servers, or send to others via email, including other associations or parties. Members and Law enforcement use only. Contact us for any permissions. To do otherwise will result in the loss of membership.
Complete Story
06/12/2020
Imperva Takes on its Largest Recorded Account Takeover Attack on a Single Company
Security Boulevard
Imperva recently detected and mitigated the largest – and most concentrated – series of brute force ATO (account takeover) attacks in its history. Over the course of 60 hours from midnight on October 28, our ATO team’s monitoring systems detected more than 44 million ATO attempts on the login page of a particular online banking service. We began blocking the attack within 15 minutes of learning of its existence.
What is Account Takeover?
In simple terms, ATOs involve a technique known as brute force credential stuffing, in which illicitly obtained credentials are used to gain unauthorised access to online accounts from where attackers are able to carry out malicious actions such as data theft, identity fraud or to carry out fraudulent e-commerce transactions.
The Scale of This Attack
Comparing the activity during the attack to a typical 24-hour period shows the sheer scale of the malicious activity.
Alerts
The FRPA alert system distinguishes us from other groups by gathering and providing information to law enforcement, retailers AND financial institutions.
more information
Resources
Your electronic library to help in fighting financial fraud for all of our partners.
more information