Account Takeovers 2018-06-12T14:31:16+00:00

Account Takeover

Account takeover is a lucrative business for cybercriminals with estimates of total ATO fraud reaching $5.1B in 2017, a 120% increase from 2016. Accounts can contain valuable information and or be used to launch spam or abuse campaigns. As data breaches proliferate, stolen credentials are becoming easier and cheaper to purchase on the dark web. DataVisor’s Unsupervised Machine Learning Engine analyzes all accounts and events simultaneously, allowing it to detect the hidden connections between hijacked accounts, even when each account is not suspicious in isolation. This allows it to detect the accounts without training data or labels, even as attackers use sophisticated and evolving tactics to evade detection.

How Attackers Take Over Accounts 

Massive bot armies for account takeover

Massive Bot Armies

Fraudsters use armies of bots to test millions of stolen credentials or access accounts with commonly-used passwords.

IP obfuscation account takeover

IP Obfuscation

Fraudsters utilize proxies, VPNs, or cloud-hosting services to evade IP blacklists and appear as multiple legitimate users.

Device obfuscation for account takeover

Device Obfuscation

Fraudsters utilize mobile device flashing, virtual machines and scripts to appear as though the login events are coming from different devices.

Why UML for Account Takeover Detection

Modern account-takeover attacks are coordinated and distributed, using stolen credentials and detection-evasion tactics. Because traditional fraud solutions only analyze each account in isolation, they are often unable to effectively detect these attacks. DataVisor’s Unsupervised Machine Learning Engine analyzes all user accounts and events at the same time, uncovering the hidden connections between them. This allows it to detect stolen accounts without training data or labels, even if there is nothing suspicious about the account in isolation.
Stop evolving account takeover threats

Stop Evolving Threats

Fraudsters use armies of bots to test millions of stolen credentials or access accounts with commonly-used passwords.

Early detection of account takeover

Early Detection

Detect account takeover at login before any downstream damage is done.

high accuracy and coverage to detect account takeover

Accuracy & Coverage

Catch entire rings of hijacked accounts without impacting good users.

Learn More About How DataVisor Stops ATOs

The DataVisor Platform

Unsupervised Machine Learning Engine

Predict new, unknown threats without labels or training data by analyzing hundreds of millions of accounts and events simultaneously using the industry’s most advanced unsupervised learning technology.

Supervised Machine Learning Engine

Use industry leading supervised machine learning algorithms to augment the unsupervised machine learning detection with client-provided labels.

Automated Rules Engine

Generate and deprecate rules automatically, lowering maintenance costs and improving results explainability.

Global Intelligence Network

Aggregate and analyze the industry’s broadest array of digital fingerprints and signals from billions of users across a variety of industries.

What’s Happening with ATOs

Ready to enhance your detection with unsupervised machine learning?