One of the biggest threats facing online businesses around the globe is account takeover. Account takeovers (ATO) happen when a fraudster uses the credentials of a genuine user to gain access to multiple accounts of theirs, and misuse them. The fraudster is then able to access the account details, potentially changing them, and will more often than not make a purchase using the card on the account. This means that not only are genuine customer cards being used by fraudsters, but they’re doing so from the cardholder’s account.
These details, like stolen cards, are found on the dark web following a large data breach and then purchased by fraudsters to be used across merchants since many consumers use the same login details for multiple online accounts. This can create a frenzy of fraudulent activity on a merchant’s platform in addition to the payment fraud already plaguing them. With the data breaches not stopping anytime soon, online businesses need to educate themselves on new threats like ATO, as well as get adequate tools in place to protect their business.
For more information on ATO, read our Fraud Guide article, An intelligent responses to account takeover.