Solutions overview
Harness the power of your data
Support and investigations
Support services for Ravelin
Online payment fraud
Account security
Policyabuse
Marketplace fraud
3DSecure
Resource Zone
Deep dives on fraud & payments topics
API & developer docs
APIs, glossary, guides, libraries and SDKs
Global Payment Regulation Map
Track PSD2 & more with a full report
Blog
The latest fraud & payments updates
Insights
In-depth guides to fraud, payments & security
About Ravelin
Discover the story about Ravelin
Careers
Join our dynamic team
Customers
Read more about our happy customers
Press
Get the latest Ravelin news
Support & investigations
Accept more payments securely
Protect your customer accounts
Policy abuse
Stop policy abuse to protect your bottom line
Ravelin for marketplace fraud
3D Secure
Ravelin 3DS & SDKs
Resource zone
Global Payment regulation map
Read more about our happy custmomers
Blog / Account Takeover
Are you aware that Covid-19 increased the value of your customer accounts? Account takeover attackers are gaming the pandemic to their advantage, and your business could be at risk...
Share this article:
Account takeovers have always been a threat to merchants, but the Covid-driven digital acceleration created perfect conditions for attacks to thrive. Not only were fraudsters given more time at home to focus on attacks, but the number of potential victims increased, as customers had to work, play and shop online.
Account takeovers are one of the fastest growing threats to your business. The Account Takeover Update 2021 reveals that half of merchants noticed an increase in attacks in the past year, and an average merchant experiences around one high-impact attack per week, resulting in eye-watering revenue losses and irreparable brand damage.
All businesses with customer accounts are at risk of account takeovers, but some merchants are more vulnerable to attacks than others. Let’s look at how Covid amplifies the threat of account takeovers to understand if your business could be at risk…
Out of all industries, online gaming, travel, taxi/cab, food delivery and grocery merchants experience the most account takeover attacks. These accounts may not seem especially lucrative or valuable, but sophisticated attackers have been profiting from them during the pandemic.
What features make an account a hot target?
Non physical goods: digital goods appeal to account takeover attackers, as products can be easily sold online without the operational effort of reselling physical goods.
Instant purchases: instant purchases are faster to monetise.
High-demand: sought after goods are naturally easier for fraudsters to sell.
These features have always been attractive to fraudsters, but here’s why Covid-19 intensified attacks against these specific accounts...
Covid-19 caused online gaming sales to sky-rocket, as customers were in need of indoor digital entertainment, and ways to virtually connect with others. But, the growth in users and demand caused digital goods merchants to experience a massive increase in account takeover activity.
Online gaming accounts are non-physical goods, so are easy for attackers to resell. Plus, attackers can steal in-game currency on some platforms. Gaming platform Steam saw valuable digital trading cards being sold on their Community Market for hundreds of dollars.
World-leading online game Fortnite offers an in-game currency called V-Bucks that attracts attackers. They can resell V-Bucks or use them as bait in phishing attacks: “enter your details to win free V-Bucks!” Shortly after the game’s release, 4,770 fraudulent Fortnite websites and 1,390 related videos containing links to malware appeared online.
While Fornite has a loyal fanbase, if your business becomes a known target of account takeovers, it can massively impact customer trust. Around 33% of players now abstain from in-game purchases to avoid falling victim, creating a dent in sales. If customers feel unsafe, they can easily take their business elsewhere.
Travel merchants were hard-hit by the pandemic, with several iconic travel brands going under and many facing huge levels of chargebacks due to global travel restrictions. Attackers targeted the weakened industry, as account takeovers increased for 48% of travel merchants mid pandemic.
Attackers used the pandemic lull to hoard stolen travel accounts, waiting to strike when the industry takes off again. A significant industry data breach occurred in May 2021, impacting 1.35 million members from multiple global airlines. Sophisticated attackers are still ruthlessly targeting travel accounts, often to steal their airmiles or loyalty points.
Airmiles, loyalty points and rewards points are gold-dust for account takeover attackers, as they are easy to access, and can be extremely profitable. One attacker bought a flatscreen TV from just one customer’s travel loyalty points. Victims don’t check their points regularly, so often fail to notice an attack, making it difficult for fraud teams to prevent them.
Taxi/cab firms struggled throughout the pandemic, as tourism paused and customers were encouraged to stay at home. Major cities saw taxi/cab traffic decrease, and a fifth of London’s black cabs were taken off the road. On top of sales plummeting, taxi/cabs experienced over one account takeover attack a week in 2020.
Taxi/cab accounts have always been a target as they are instant purchases, and account addresses can change without raising suspicion. Attackers often make money by reselling taxi/cab accounts to customers looking for a cheap ride.
The demand for discounted taxi rides may have unexpectedly risen due to Covid. Strapped-for-cash customers are in need of discounts, and many are reluctant to take public transport for fear of spreading Covid. Attackers can offer safe taxi rides for less money, and as hygiene remains a concern in 2021, the popularity of these reselling schemes could continue to rise.
Covid-19 forced restaurants to close, and at-home food delivery boomed - Uber announced that food delivery revenue in Q4 2020 was up a huge 224% YoY. This boom intensified account takeover attacks as fraudsters could hide amongst increased transaction volumes and target new customer accounts.
Successful attackers can take over an account to order and resell food/drink at a discount to customers. Covid-19 increased the demand for discounts, boosting the popularity of “pizza plug” schemes, as Integrations Engineer, Bhavin Tailor explains in our recent account takeover webinar.
Attackers can instantly purchase typically lucrative items like expensive alcohol on food delivery apps. One popular YouTube couple, Joel and Lia, had a £51.58 bottle of Ciroc vodka ordered on their account following a takeover. Fraudsters often trade expensive alcohol online, but account takeover eliminates the hassle of arranging delivery - the merchant does it for them.
Grocery merchants saw over 5 attacks per month - more than any other retailers. Covid-19 had a massive impact on this industry, causing huge spikes in online transaction volumes that overwhelmed teams. Plus, many grocery stores kept their doors open for essential trading, putting huge strains on fulfilment.
Many key UK grocery merchants had to limit orders to existing customers or those registered as ‘vulnerable’ to cope with the demand. It’s likely that these coveted accounts became account takeover targets.
Many grocery accounts store loyalty points that attackers can steal. UK grocery giant Tesco experienced mass account takeover attempts in May last year against Clubcard (loyalty point) holders, impacting 600,000 customers. Public attacks can cause customers to shop elsewhere - a massive concern for UK grocery merchants who are in an especially competitive market.
Some merchants may have been targeted more heavily than others due to Covid-19, but account takeovers are increasing across all industries. All customer accounts can become high value to sophisticated fraudsters. If you think that your business is at risk of account takeovers, read our Account Takeover Update 2021.
Grace Proctor, Content Writer
Blog / PSD2
How we’ve balanced fraud risk and friction: Deliveroo's journey with rule experimentation to reduce 3DS use by 40%...
Jack Dai, Data Scientist at Deliveroo
Blog / News
E-commerce CFOs need to understand the scale of the fraud risk that their businesses face. Our survey dives deep on where smart CFOs are directing investment to keep their companies secure...
Gerry Carr, CMO
Two-factor authentication (2FA) is a widely used security measure designed to prevent account takeover (ATO). But there are very real gaps and limitations in its effectiveness that fraudsters can exploit...
Clayton Black, Product Manager