Blog

CyberScout is the nation’s premier consultative provider of identity and data risk management, resolution and education services.

Account Takeovers Most Likely Caused By Phishing , Not Data Breaches

Account Takeovers Most Likely Caused By Phishing , Not Data Breaches
November 13, 2017

A recent Google study found that phishing exploits are far more likely to be the cause of account takeovers than the information compromised by data breach or malware.

The study, “Data Breaches, Phishing, or Malware? Understanding the Risks of Stolen Credentials,” was conducted in cooperation with the University of California, Berkeley, and the International Computer Science Institute from data gathered between March 2016 and March 2017.

Sampling more than 1.9 billion stolen usernames and passwords exposed by past data breaches at MySpace, LinkedIn, Dropbox and thousands of other digital sources, the findings warrant your attention. The upshot: breaches aren’t the culprit in the majority of account takeovers.

The study identified 788,000 potential victims of off-the-shelf keyloggers; 12.4 million potential victims of phishing kits; and 1.9 billion usernames and passwords exposed via data breaches on a sampling from thousands of online sites and service providers.

These results are eye-opening because while the common response to data breaches tends to be panic, the actual threat is more active than passively via breach.

“We find victims of phishing are 400x more likely to be successfully hijacked compared to a random Google user. In comparison, this rate falls to 10x for data breach victims and roughly 40x for keylogger victims. This discrepancy results from phishing kits actively stealing risk profile information to impersonate a victim, with 83% of phishing kits collecting geolocations, 18% phone numbers, and 16% User-Agent data.”

The study demonstrates, “the necessity of a defense-in-depth approach to authenticating users.” For a not-so-quick read (it’s 14 pages), click here.

 

Adam Levin is chairman and founder of CyberScout. This article originally appeared on AdamLevin.com.

Offer 24/7 CyberScout Protection

CyberScout's partnership options help you safeguard the identity and privacy of your policyholders, customers, members and employees. Discover how a customized program can help build brand loyalty, customer retention, and quickly generate long-term recurring revenue.

Get Started