Fraudsters using credentials harvested from massive breaches, study finds

Digital identities are being exploited on a routine basis by sophisticated cybercriminals, says a just released ThreatMetrix study.
Digital identities are being exploited on a routine basis by sophisticated cybercriminals, says a just released ThreatMetrix study.

Digital identities are being exploited on a routine basis by sophisticated cybercriminals, a new study from ThreatMetrix found.

No surprise there, but "ThreatMetrix Cybercrime Report: Q2 2015," based on attacks the security technology company detected between April and June 2015, uncovered a number of unforeseen trends.

For one, increasingly sophisticated attackers were increasingly targeting diverse data sets to effectively stitch together consumers' credentials. And new account creation continued to be at high risk as fraudsters use stolen credentials harvested from massive breaches.

Further, fraudsters were either replaying stolen identities using proxies, device and location spoofing to cloak a true digital identity or piggy-backing on top of users' session with malware or man-in-the-middle attacks.

The only way to effectively secure customers against cyberattacks is by leveraging anonymized shared intelligence built on global profiles of authentication and transaction histories, the study concluded.


You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS