Fraud & Identity Featured Article

iconectiv Whitepaper Examines Account Takeover Fraud

By Steve Anderson Contributing Writer

Recently, iconectiv (News - Alert) issued a whitepaper that discussed many common points of mobile device fraud. With a rapidly-growing slate of uses for our mobile devices, the potential for fraud to step in and do significant damage to our everyday lives grows with it. Account takeover fraud is particularly potentially disastrous, and with some advance warning of what to watch for, we may be better able to protect ourselves against a variety of different kinds of fraud.

With greater uses for mobile devices, and more potential endpoints for fraudsters to access systems and engage in account takeover fraud, it behooves us more than ever to be watchful. Any one point can be the perfect access point for fraud; a 2016 Forbes article cited in the whitepaper pointed out that, once hackers had control of an email account, after taking control of a mobile phone number, it took just seven minutes to access and compromise 30 other accounts.

That means a lot of potential damage can be done in the space of minutes, even seconds, and your ability to respond will likely be measured at least in days, so prevention becomes a particular priority.  With account takeover fraud an increasingly prevalent problem—a NuData report noted that account takeover fraud more than doubled in the first quarter of 2015 against the same time in 2014—being able to protect against this is especially important.

Account takeover fraud is done primarily as a means to beat the growing Europay / Mastercard / Visa (EMV) standard, while at the same time allowing access to several points from one weak endpoint. With the difficulty of credit card cloning rising, fraudsters are bypassing the card altogether in a bid to get access to the wider frame of accounts beyond the card itself. Once an account is accessed illicitly, a range of personal details becomes available, and these details can in turn be used for just about everything from simple purchase fraud to mortgage refinancing.

Thus, if we focus on protecting our mobile devices—with the proper background of system updates, virus protection, remote wiping tools and similar issues—we can potentially stop quite a bit of fraud in its tracks. By making mobile devices no longer weak endpoints, we can remove one of the great potential access vectors for fraudsters, and protect ourselves in turn against a variety of fraud possibilities. Since card cloning is now vastly more difficult thanks to EMV operations, protecting the mobile device becomes the best new way to head off a lot of fraud.

Account takeover fraud can be a deeply traumatic affair, but with some advance preparation—and advance warning like that offered in the iconectiv whitepaper—it's easier to protect yourself.