Fighting Account Takeover - Change The Battle and Win
Recent years have seen headline after headline about massive thefts of user data, including passwords, email addresses, and personal data. Anthem (80M accounts compromised), LinkedIn (117M) and Yahoo (1B) are just a few examples from the last year. Attackers are monetizing these accounts and credentials to harvest gift card, purchases and commit fraud on behalf of users, and resell credentials on the dark web. Losses from Account Takeover (ATO) in the US alone are estimated at $2.3 billion in 2016, up 61%.
Armed with databases of users credentials and distributed automated tools, attackers are unleashing large advanced ATO attacks, that easily pass traditional security methods like Web Application Firewall (WAF), rate limiting and IP reputation based detections. In this webinar we present different advanced methods used by attackers to bypass existing protections, based on actual large scale attacks we have detected, and discuss new methods to detect and fight these kind of attacks and win the war against ATO.