Account Takeover attacks: the viewpoint of a threat intelligence expert

Account takeover happens when someone tries to steal a user account. Any service offering authentication can face it since an attacker just has to test pairs of users and passwords.

Zack Allen joins us to share his experience protecting organizations that faced massive account take over, describes the criminal and financial motivation of attackers, their methods to hide, and how they move from a database leak to a compromised account. We show the tools that attackers most commonly use. Eventually, we discuss how to detect and protect your organization around account take over.

About Zack:

Password crackers:
Tools:

0:00 Cloud Security Lounge
2:01 Zack role as a cyber criminal hunter
7:45 Motivation of attackers
9:58 Who is at risk?
11:58 Story of an account take over attack against Sqreen
14:23 Attack lifecycle: attackers coming from a data leak to a compromised account
20:10 How attackers try to hide
22:30 Tools used for attack (by criminals or security professionals)
28:30 How to detect and protect against ATO attacks
34:10 The common targets are not only the public ones, like back office or support
38:30 Two factor authentication: a great yet imperfect protection