What is account takeover?

Account takeover is when fraudsters will obtain your credentials to control your online account.

Criminals can obtain account information in different ways:

  1. Data breaches
  2. Black Market
  3. Brute force attack
  4. Phishing attack
  5. Keyloggers

Once obtained the credentials, the attacker will try to login to check the validity of the information.

The attack is performed on a single scale or mass scale.

When an attacker is verifying large amounts of credentials, it is called Credential stuffing.

How to protect

  1. Use a password manager Password managers help you in managing all the complexity of the passwords
  2. Always use a different password for each account,
  3. Use masked emails to help you create multiple identities that are all connected to one mail.
  4. Use 2FA or multi-factor authentication methods 2FA helps in adding a second layer of security
  5. Patch & update