Stop Calling It Account Takeover “Fraud”
To actually prevent Account Takeovers you have to threat ATOs as a security threat not fraud....
In Defense of Reddit
Last week, Reddit announced a security incident in which an attacker compromised employee accounts for Reddit’s cloud and source code hosting providers. Breaches like this serve as reality checks to those of us responsible for securing user data and identities online....
Leaked Credentials Database
One item that is commonplace in a hacker’s toolset is a database of leaked user credentials. The database holds a set of exposed user login credentials......
Perimeter-based Security Doesn’t Stop Account Takeovers — It Postpones Them
DDoS prevention, bot prevention, and WAFs were never built for protecting users from ATOs. Its time to combine that with user behavior analytics....
8 Things To Avoid When Building Account Takeover Prevention In-House
Account takeover attacks have evolved dramatically. One recurring theme we’ve seen is that gaps often emerge when the security program’s focus is misplaced....
Account Takeovers Happen At Login. Not The Transaction
Account takeovers (ATOs) are unique in that by the time most companies become aware they have a problem, it’s already too late.....