The article discusses the prevalence of account takeover (ATO) attacks, highlighting that a staggering 99% of monitored organizations experienced ATO attempts in 2024. Despite the effectiveness of multifactor authentication, many accounts remained vulnerable. The data reveals that sectors such as education, electronics, aerospace, legal services, food & beverage, and financial services were significantly impacted by ATOs.
Affected: account takeover attacks, education, electronics, aerospace, legal services, food & beverage, financial services
Key points:
- In 2024, 99% of monitored customer tenants faced ATO attempts, with 62% experiencing at least one successful attempt.
- The top countries for ATO attacks were the United States, Germany, Russia, India, and the Netherlands.
- Common domains associated with ATO attacks included Datacamp.co.uk, Microsoft.com, Amazon.com, Biterika.ru, and Cyberassets.ae.
- Almost all industries saw ATO attempts, with percentages ranging between 95% and 100% across the board.
- Industries experiencing the highest successful ATOs were education (88%), electronics (88%), and aerospace (86%).
- Legal services, food & beverage, and financial services faced lower successful ATO rates (50%, 50%, and 47%, respectively).
- Approximately 3 million monitored accounts were targeted for ATO; around 17,000 were successfully compromised.
- Multifactor authentication (MFA) is a useful measure but not foolproof against ATOs.
- Detection of ATOs requires sophisticated techniques such as AI/ML and pre- and post-access behavior monitoring.
- Proofpoint offers a comprehensive defense solution to protect against ATOs.
MITRE Techniques:
- Account Takeover (T1078): Attackers gain unauthorized access to legitimate user accounts to exploit system resources.
Indicators of Compromise:
- [Domain] Datacamp.co.uk
- [Domain] Microsoft.com
- [Domain] Amazon.com
- [Domain] Biterika.ru
- [Domain] Cyberassets.ae
Full Story: https://www.proofpoint.com/us/blog/threat-insight/account-takeover-statistics