Security Boulevard
Harmonizing Security and Usability to Tackle Account Takeover

by Enzoic on September 17, 2024

Account takeover (ATO) has become a significant threat to online platforms and consumers, costing billions annually. With the increasing digitization of services, threat actors have found numerous ways to exploit stolen credentials, resulting in account takeovers across various sectors. The challenge for organizations lies in balancing strong security measures with a seamless user experience, a delicate trade-off that often pits usability against safety. But ignoring ATO threats is no longer an option, given the scale of financial and reputational damage associated with these attacks.

The Growing Threat of Account Takeover

Cybercriminals have honed their techniques for leveraging stolen passwords across platforms, taking advantage of several factors:

  • Access to Stolen Credentials on the Dark Web: Breached credentials are widely available for purchase and use in automated attacks.
  • Password Reuse: A vast majority of users—around 85%—reuse the same password across multiple websites, creating an easy avenue for hackers.
  • User Convenience: Customers prefer simple, easy access to their accounts. When security measures are too burdensome, users disengage.

Striking a balance between security and convenience is the core challenge for organizations. Increasing security measures, like multi-factor authentication (MFA), doesn’t fully resolve the issue and can potentially frustrate users. Organizations must understand the mechanics of account takeover fraud, its causes, and how to address the problem without alienating users.


Understanding How Account Takeover Occurs

In 2024, Enzoic researchers observed roughly 600,000 breached credentials appearing on the Dark Web every hour. Attackers collect passwords in a variety of ways, including phishing, malware, and direct intrusions into corporate systems. Once obtained, stolen credentials can be monetized against organizations that had nothing to do with the original breach.

The widespread reuse of credentials allows attackers to leverage low-value breaches to conduct more severe attacks elsewhere through a technique known as credential stuffing.

Credential Stuffing: A Preferred Attack Method

Credential stuffing involves taking a set of stolen usernames and passwords from one site and using them to attempt logins on many other sites. Automated tools and botnets let attackers operate at massive scale, submitting millions of login attempts across many platforms. These attacks are difficult to detect because each attempt can arrive from a different IP address, so per-IP rate limits and lockouts see nothing unusual, and the tooling is built to evade other detection controls as well.

Credential stuffing has become incredibly widespread, with Akamai reporting 61 billion attempts in 2023. Even a small success rate in these attacks can have devastating consequences, from financial fraud to data theft, making this one of the most lucrative forms of cybercrime today.
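The detection problem described above is that a per-IP view sees one failed login per address and raises no alarm, while the aggregate view over a short window shows many distinct usernames, many distinct source IPs and a very high failure rate. The following is an added example, not code from Enzoic or from the original post, that runs that aggregate heuristic over a handful of constructed authentication log lines (the log format, thresholds and IP addresses are all assumptions made for the example):

```python
"""Credential-stuffing detection over authentication logs.

Added example with constructed data. The heuristic: credential stuffing
produces many failed logins against many *distinct* usernames from many
*distinct* IPs, with a low success rate, inside a short time window. A
classic per-IP lockout counter sees at most one failure per address and
misses it; an aggregate window over all attempts does not.
"""
import re
from collections import Counter
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Constructed sample lines in an assumed format: "<ISO timestamp> <ip> <username> <result>"
SAMPLE_LOG = """\
2024-09-17T10:00:01Z 203.0.113.10 alice FAIL
2024-09-17T10:00:02Z 203.0.113.11 bob FAIL
2024-09-17T10:00:02Z 203.0.113.12 carol FAIL
2024-09-17T10:00:03Z 203.0.113.13 dave FAIL
2024-09-17T10:00:03Z 203.0.113.14 erin FAIL
2024-09-17T10:00:04Z 203.0.113.15 frank SUCCESS
2024-09-17T10:00:04Z 203.0.113.16 grace FAIL
2024-09-17T10:00:05Z 203.0.113.17 heidi FAIL
2024-09-17T10:00:05Z 203.0.113.18 ivan FAIL
2024-09-17T10:00:06Z 203.0.113.19 judy FAIL
2024-09-17T10:05:00Z 198.51.100.7 alice FAIL
2024-09-17T10:05:04Z 198.51.100.7 alice SUCCESS
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (SUCCESS|FAIL)$")


@dataclass(frozen=True)
class Attempt:
    ts: datetime
    ip: str
    user: str
    ok: bool


def parse_log(text):
    """Parse the constructed format; malformed lines are skipped, not fatal."""
    attempts = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        attempts.append(Attempt(ts, m.group(2), m.group(3), m.group(4) == "SUCCESS"))
    return sorted(attempts, key=lambda a: a.ts)


def per_ip_failure_max(attempts):
    """What a per-IP lockout counter sees: failures from the single busiest IP."""
    counts = Counter(a.ip for a in attempts if not a.ok)
    return max(counts.values(), default=0)


def detect_stuffing(attempts, window=timedelta(seconds=30), min_attempts=8,
                    min_fail_rate=0.8, min_spread=0.8):
    """Flag windows that look like credential stuffing.

    A window starting at attempt i is flagged when it holds at least
    `min_attempts` logins, at least `min_fail_rate` of them failed, and both
    distinct usernames and distinct source IPs cover at least `min_spread`
    of the attempts. Thresholds are assumptions for the example.
    """
    findings = []
    i, n = 0, len(attempts)
    while i < n:
        start = attempts[i].ts
        j = i
        while j < n and attempts[j].ts - start <= window:
            j += 1
        bucket = attempts[i:j]
        if len(bucket) >= min_attempts:
            fails = sum(1 for a in bucket if not a.ok)
            users = {a.user for a in bucket}
            ips = {a.ip for a in bucket}
            if (fails / len(bucket) >= min_fail_rate
                    and len(users) / len(bucket) >= min_spread
                    and len(ips) / len(bucket) >= min_spread):
                findings.append({
                    "start": start.isoformat(),
                    "attempts": len(bucket),
                    "failures": fails,
                    "distinct_users": len(users),
                    "distinct_ips": len(ips),
                    # Accounts where a stuffed pair worked: candidates for a
                    # forced reset or step-up verification.
                    "compromised_users": sorted(a.user for a in bucket if a.ok),
                })
                i = j  # skip past the flagged window
                continue
        i += 1
    return findings


def analyze(text):
    attempts = parse_log(text)
    return {"per_ip_max_failures": per_ip_failure_max(attempts),
            "findings": detect_stuffing(attempts)}


if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

On the sample data the per-IP view reports a maximum of one failure per address, while the aggregate view flags the 10:00 window and names `frank` as an account whose credential pair succeeded during it. Alice's later failed-then-successful login from a single address is an ordinary typo pattern and is not flagged.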

Real-World Impact: Snowflake’s ATO Incident

A notable case in 2024 involved Snowflake, a cloud data platform. Though Snowflake itself wasn’t breached, attackers used credentials exposed in other breaches to target its customers, demanding ransoms of $300,000 to $5 million.

Enzoic researchers had flagged these compromised credentials in their database years earlier, emphasizing the importance of proactive monitoring to prevent ATO incidents before they escalate.

All Online Accounts Are at Risk

While consumer-facing organizations are heavily impacted by financial fraud, other types of organizations are also affected. In today’s app-driven economy, where every business operates as a software business, the range of accounts that interest cybercriminals has expanded significantly.

  • Bank Accounts: Stolen credentials allow unauthorized access, leading to financial losses for account holders and institutions.
  • Credit Card Accounts: Identity theft and unauthorized purchases are common issues.
  • Online Retail Accounts: Hackers place fraudulent orders, leading to revenue loss and damage to business reputation.
  • Online SaaS Services: Applications and email accounts are exploited for phishing and other illegal activities.
  • Online Streaming Services: Accounts are hacked to resell access through illegal streaming services.
  • Gaming Sites: Young and inexperienced users are targets, with compromised accounts sold on the Dark Web.
  • Loyalty Programs: Points and rewards, such as in the recent Chick-fil-A credential stuffing attacks, are drained and sold in illicit markets.

The broader range of account types being targeted underscores the need for comprehensive account protection across industries.

The Hidden Costs: Customer Attrition and Brand Damage

While the financial losses from ATO are significant, organizations also face reputational damage. Studies show that 76% of customers are likely to abandon a brand after experiencing account takeover. Beyond direct monetary losses, the erosion of trust can lead to long-term consequences, such as lost customer loyalty and diminished brand reputation.

The Limitations of MFA

Though MFA adds a layer of security by requiring an additional identity verification step, its adoption remains low. For example, only 22% of Microsoft’s Azure AD customers use MFA, and Google reported that only 45% of users had enabled MFA on at least one account. Even when used, MFA reduces takeovers by only about 50%, highlighting its limitations.

Furthermore, MFA is vulnerable to specific attacks, like SIM-swapping, which was on the rise in 2023, allowing attackers to bypass SMS-based verification.

The Role of Password Monitoring in ATO Prevention

While MFA is a useful security measure, it’s not sufficient on its own. Password monitoring offers an additional layer of protection by identifying compromised credentials before they can be used in an attack. Continuous monitoring allows organizations to detect when user passwords have been exposed and prompt a password reset before the account is compromised.

How Enzoic’s Password Monitoring Works

Enzoic’s team of threat researchers actively monitors and collects data from the Dark Web, as well as from public breaches, continuously gathering compromised credentials and other sensitive information. This data is then transformed into actionable intelligence, enabling organizations to proactively detect and prevent potential security threats. By integrating this intelligence into the authentication process, Enzoic ensures that credentials are screened in real time during login attempts, account setups, and password resets. This approach allows organizations to block compromised passwords before they can be exploited, without requiring any additional steps or interruptions for the end user. The entire process operates in the background, maintaining a smooth and secure user experience while strengthening overall account security.

Enzoic’s monitoring solutions can be integrated into both internal systems like Active Directory and external login flows, enabling organizations to protect their users and customers from ATO threats. By preventing the use of compromised passwords, whether for employees or end users, Enzoic helps mitigate ATO risks in real time. This capability extends beyond simple password management, offering comprehensive protection against credential-based attacks across a variety of use cases, for both internal accounts and external customer-facing systems.
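The two sections above describe screening a password against compromised-credential intelligence at three points: account setup, password reset, and login, with a reset prompted when a previously clean password later turns up in a breach. The following is an added example of that control flow, not Enzoic's code and not a description of Enzoic's protocol or API. It uses a constructed, in-memory set of breached-password hashes as a stand-in for a threat-intelligence service, and looks them up with a k-anonymity-style hash-prefix range query of the kind public breached-password APIs expose (an assumption chosen so the example runs offline):

```python
"""Screening passwords against a compromised-credential corpus.

Added example with a constructed corpus. Screening happens at account setup
and password reset (reject outright) and at login (verify first, then
re-screen the correct password against the latest intelligence and require
a reset if it has leaked since it was set). Stored passwords use PBKDF2;
SHA-1 is used only to match against the breach corpus, whose entries are
SHA-1 digests in this example.
"""
import hashlib
import secrets

# Constructed stand-in for a compromised-credential corpus (uppercase SHA-1 hex).
_KNOWN_BREACHED_PASSWORDS = ["password", "123456", "qwerty", "Summer2024!", "letmein"]
BREACHED_SHA1 = {hashlib.sha1(p.encode("utf-8")).hexdigest().upper()
                 for p in _KNOWN_BREACHED_PASSWORDS}


def mark_breached(password):
    """Simulate the intelligence feed learning a new leaked password."""
    BREACHED_SHA1.add(hashlib.sha1(password.encode("utf-8")).hexdigest().upper())


def range_query(prefix5):
    """Server side of a k-anonymity range lookup: return the suffixes of every
    stored hash that starts with the 5-hex-char prefix. The server never sees
    the full hash, so it cannot recover which password was checked."""
    return {h[5:] for h in BREACHED_SHA1 if h.startswith(prefix5)}


def is_compromised(password):
    """Client side: send only the prefix, match the suffix locally."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[5:] in range_query(digest[:5])


class AccountStore:
    """Minimal account store showing where screening sits in each flow."""

    ITERATIONS = 100_000  # PBKDF2 work factor; assumption for the example

    def __init__(self):
        self._users = {}          # username -> (salt, derived key)
        self.needs_reset = set()  # accounts flagged at login

    def _derive(self, password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, self.ITERATIONS)

    def set_password(self, username, password):
        """Account setup and password reset: a known-compromised password is
        refused before it is ever stored."""
        if is_compromised(password):
            return "rejected_compromised"
        salt = secrets.token_bytes(16)
        self._users[username] = (salt, self._derive(password, salt))
        self.needs_reset.discard(username)
        return "ok"

    def login(self, username, password):
        """Login: verify the credential first, so only the user's real password
        is ever screened; then check it against current intelligence."""
        record = self._users.get(username)
        if record is None:
            return "denied"
        salt, stored = record
        if not secrets.compare_digest(stored, self._derive(password, salt)):
            return "denied"
        if is_compromised(password):
            # Password was clean when set but has since appeared in a breach.
            self.needs_reset.add(username)
            return "reset_required"
        return "ok"


def demo():
    """Walk one account through setup, login, a later leak, and re-login."""
    store = AccountStore()
    events = [
        store.set_password("alice", "Summer2024!"),           # in corpus: rejected
        store.set_password("alice", "c0rrect-h0rse-battery"),  # clean: stored
        store.login("alice", "c0rrect-h0rse-battery"),         # ok
    ]
    mark_breached("c0rrect-h0rse-battery")  # feed later sees this password leak
    events.append(store.login("alice", "c0rrect-h0rse-battery"))  # reset_required
    events.append(store.login("alice", "wrong-password"))         # denied
    return events


if __name__ == "__main__":
    print(demo())
```

Two design points matter for usability as much as security: the check at login runs only after the password has been verified, so wrong guesses are never screened and no extra round trip is added for them, and a leaked password on an existing account produces a reset prompt rather than a hard lockout, which is the behaviour the article describes for continuous monitoring.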

Conclusion: Balancing Security and User Experience

Preventing account takeover fraud is no longer a question of “if” but “how.” While solutions like multi-factor authentication provide some protection, organizations need proactive measures, such as password monitoring and real-time credential screening, to combat these threats effectively. Balancing security with a smooth user experience is crucial to protecting customers without driving them away.

Enzoic’s solutions offer a way for businesses to stay ahead of the evolving threat landscape while maintaining user-friendly interactions. By leveraging advanced threat intelligence, organizations can prevent credential stuffing and account takeovers without compromising usability. Read the e-book on how to tackle account takeover without compromising user experience.

*** This is a Security Bloggers Network syndicated blog from Blog | Enzoic authored by Enzoic. Read the original post at: https://www.enzoic.com/blog/tackle-account-takeover/
