MFA and strong passwords are most commonly used to defend against account takeovers.
More than three-quarters of businesses have experienced at least one account takeover in the last year.
According to research by Abnormal Security, 77% of security leaders cited account takeover attacks as one of their top four most concerning cyber threats. The survey of over 300 security professionals also found that 83% of survey participants reported that their organisation had been impacted by an account takeover attack at least once over the past year.
Also nearly half of organisations (45.5%) were impacted by account takeover attacks more than five times over the past year, while nearly one in five had experienced more than 10 significant account takeover attacks.
The cloud applications that security stakeholders are most concerned about being compromised include file storage and sharing services, business email accounts, and contract management.
Commonly used strategies to protect against this threat include implementing fraud detection mechanisms such as multi-factor authentication (MFA) and strong password use. Yet, the majority of survey participants are sceptical of both MFA (63%) and single sign on (65%) as effective tools to prevent account takeover attacks.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
