The specter of e-mail-driven Account Takeovers (ATO) is growing, reports Information Age, and businesses would do well to increase their understanding of this insidious threat, so they can take steps to prevent its destructive fallout.
ATO attacks are “notoriously difficult to combat because they utilize legitimate email accounts and therefore have no need to leverage impersonation techniques,” notes Agari, author of a recent ATO study. Attacks usually begin after crooks obtain an employee’s email login (from the dark web or other source). Next, they establish control of the account, set up masking and forwarding rules to hide their activity, and patiently plot their exploits–often for months.
The most common ATO attacks are Business Email Compromise (BEC), to exfiltrate funds or sensitive information, and spearphishing, to gain a deeper foothold inside the company. To safeguard your business:
1) Conduct ongoing security awareness training, including simulated phishing attacks.
2) Monitor and enforce best-practice password policies and
3) Work with an IT MSP to assess the viability of preventive measures, such as multi-factor authentication (MFA).