|
Castle Unveils Four Account Takeover Tactics Cyberattackers are Using to Successfully Exploit Users
Thursday, December 19, 2019
"Evolution of Attacks on Online Users" eBook Details Attack Strategies and Tips for Improving Defenses
SAN FRANCISCO, Dec. 12, 2019 /PRNewswire/ -- Castle, the user-centric account security company, today announced the availability of Evolution of Attacks on Online Users eBook. The eBook provides research that illustrates four new tactics cyberattackers are using to successfully take over accounts and exploit users. Castle is continuously researching attacks to improve threat modeling for attack detection and prevention.
Stolen credentials have been linked to some of the largest and most costly data breaches to date, including Equifax and Yahoo, which affected almost half of the US Population. Despite the success of these attacks, attackers continue to search for ways to improve success by tricking security tools to avoid detection.
Traditional success rates of account takeover attacks have been approximately .1%, but over the past year, Castle has discovered new trends in attack patterns with success rates as high as 20-30% in finding valid credentials. The company's research team was analyzing malicious login attempts of 100 million+ worldwide user accounts when it discovered this massive increase for some of its customers. Through its investigations and data analysis, the company identified four new trends in account takeover. Following are the tactics we found attackers are using to improve their success rates as they target user accounts.
-- Appear Larger - Use More Users, More IPs: The eBook details a real-life
example where an attacker used 60,000 IPs in 210 countries to complete
700,000 login attempts in over 10 hours. Although the site saw upticks
in failed logins over the course of the attack, three failed login
attempts per hour, per IP didn't raise much suspicion in isolation.
Ultimately, the attacker got more than 700 validated credentials, which
they could use to perpetrate an attack.
-- Appear Local - Use Local IPs: As attackers attempt to emulate as many
users as possible to blend in, they also want users to appear to be
coming from countries and locations that won't raise any suspicion. The
eBook illustrates an attack where the attacker used 1000 IPs, from
multiple data centers across the U.S. to complete 650K login attempts
over a 10-hour period without increasing any suspicion.
-- Appear Better - Use Fake Accounts to Improve Reputation: Attackers
understand the importance of trust - if an attackers can gain trust,
they have a better chance of success. In order to establish trust,
attackers are registering fake, 'canary,' accounts to try to build up
the reputation of the IPs they plan to use in their attack. The eBook
provides an example of where an attacker used 6000 fake accounts to
perform 30K each logins during the course of an attack, meaning that
each account was logging in every three seconds to keep their
reputation.
-- Appear Legitimate - Use Registration and Password Resets: To reduce the
amount of attempts attackers need to validate their credentials, they
are exploiting UX features on sites that are meant to make it easier for
users, including password resets and registration forms. By using
password resets and registration forms, attackers can quickly identify
legitimate email addresses which greatly reduces the number that they
need to keep and try when validating credentials.
"As attackers become more sophisticated, it's our responsibility to conduct the research needed to stay ahead of them," said Johan Brissmyr, co-founder and CEO of Castle. "Detecting new attack trends early on is critical in maintaining both security and user experience which could impact a company's bottom line. Fortunately we discovered these attacks early and kept our customers and their user's accounts protected."
The "Evolution of Attacks on Online Users" eBook also provides tips for companies to improve defenses including implementing IP rules and blacklisting as well as a list of helpful resources and tools. For more information, please see the full eBook here.
About Castle
Castle helps businesses keep their customers' online accounts safe from human-powered account takeovers, automated credential stuffing, risky user transactions and other attacks impersonating users. Castle's user-centric approach to account security allows organizations to fully automate threat response and account recovery in real-time with risk-based authentication, granular access policies, and custom workflows for end-to-end account recovery. Unlike traditional solutions, Castle gives users the ability to actively participate in their own account security to keep safe. Castle has also removed complexity for security teams with an easy-to-use, fully automated and developer-friendly solution that enables strong security and keeps user satisfaction at the forefront. Castle is headquartered in San Francisco, CA with offices in Malmo, Sweden and Krakow, Poland.
View original content to download multimedia:http://www.prnewswire.com/news-releases/castle-unveils-four-account-takeover-tactics-cyberattackers-are-using-to-successfully-exploit-users-300974134.html
SOURCE Castle, Inc.
|
|
|
|
|
 |
Asetek - Mandatory Notification of Trade | Jan 22, 2026
|
 |
Tomorrowland Brings the Magic to Shanghai for a Spectacular First Indoor Edition in China | Jan 22, 2026
|
 |
BC.GAME to Host "Stay Untamed" Night During Abu Dhabi's Packed Web3 Summit Week | Jan 22, 2026
|
 |
Rent Manager Earned Best Real Estate Software Product Award and Multiple Review Badges from G2 Platform | Jan 22, 2026
|
 |
Auburn University's Applied Research Institute Expands Advanced Manufacturing Capabilities with CF3D Enterprise Cell | Jan 22, 2026
|
 |
California Divorce Mediation Center Unveils Modern Website Redesign | Jan 22, 2026
|
 |
AMPERA ANNOUNCES LOCATION FOR GLOBAL HEADQUARTERS | Jan 22, 2026
|
 |
Gemmy Alerts Customers: Fake Websites Target Holiday Decorators | Jan 22, 2026
|
 |
Culture and tourism sectors thrive in Xiamen | Jan 22, 2026
|
 |
Immutable Announces First Co-Founder-Hosted Live Webinar: How to Dominate Your Steam Launch | Jan 22, 2026
|
|
|
|