The specter of e-mail-driven Account Takeovers (ATO) is growing, reports Information Age, and businesses would do well to increase their understanding of this insidious threat, so they can take steps to prevent its destructive fallout.
ATO attacks are “notoriously difficult to combat because they utilize legitimate email accounts and therefore have no need to leverage impersonation techniques,” notes Agari, author of a recent ATO study. Attacks usually begin after crooks obtain an employee’s email login (from the dark web or another source). Next, they establish control of the account, set up masking and forwarding rules to hide their activity, and patiently plot their exploits, often for months.
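The forwarding and masking rules described above leave a visible trace in the mailbox itself, which makes them a good audit point for defenders. The following is an added example, not code from the original article or from Agari; it audits a constructed set of inbox-rule records (the field names are assumptions, not any mail platform's real schema) for external forwarding, for rules that hide finance- or security-related mail in rarely viewed folders, and for blank or single-character rule names.

```python
# Added example: audit mailbox inbox rules for the forwarding / "masking"
# patterns an account-takeover actor sets up after gaining control.
# Rule records are constructed here as plain dicts; in practice they would be
# exported from the mail platform's admin API (field names are assumptions).

INTERNAL_DOMAINS = {"example.com"}   # constructed: the organisation's own domain(s)

# Folders commonly used to bury mail the account owner is unlikely to open.
SUSPECT_FOLDERS = {"rss feeds", "rss subscriptions", "conversation history",
                   "junk email", "deleted items", "archive"}

# Keywords typical of rules built to intercept finance or credential-reset mail.
SUSPECT_KEYWORDS = {"invoice", "payment", "wire", "bank",
                    "password", "hacked", "suspicious"}

# Constructed sample export: two benign rules and two that match ATO patterns.
SAMPLE_RULES = [
    {"mailbox": "cfo@example.com", "name": ".",
     "forward_to": ["drop@mail-drop.invalid"], "move_to_folder": None,
     "delete": True, "keywords": ["invoice", "wire"]},
    {"mailbox": "cfo@example.com", "name": "Newsletters",
     "forward_to": [], "move_to_folder": "Newsletters",
     "delete": False, "keywords": ["unsubscribe"]},
    {"mailbox": "hr@example.com", "name": "Archive old",
     "forward_to": ["hr-archive@example.com"], "move_to_folder": "Archive",
     "delete": False, "keywords": []},
    {"mailbox": "it@example.com", "name": "",
     "forward_to": [], "move_to_folder": "RSS Feeds",
     "delete": False, "keywords": ["password", "suspicious"]},
]


def _is_external(address, internal_domains):
    """True when the address's domain is not one of the organisation's own."""
    domain = address.rsplit("@", 1)[-1].lower()
    return domain not in internal_domains


def audit_inbox_rules(rules, internal_domains=INTERNAL_DOMAINS):
    """Return one finding per rule that matches a known ATO concealment pattern.

    Each finding is (mailbox, rule_name, [reasons]). A rule is reported when it
    forwards outside the organisation, when it hides mail (deletes it or moves
    it to a rarely viewed folder) for security- or finance-related keywords,
    or when its name is blank or a single character.
    """
    findings = []
    for rule in rules:
        reasons = []

        external = [a for a in rule["forward_to"]
                    if _is_external(a, internal_domains)]
        if external:
            reasons.append("forwards to external address(es): "
                           + ", ".join(external))

        folder = (rule["move_to_folder"] or "").lower()
        hides_mail = rule["delete"] or folder in SUSPECT_FOLDERS
        sensitive = SUSPECT_KEYWORDS.intersection(
            k.lower() for k in rule["keywords"])
        if hides_mail and sensitive:
            reasons.append("hides mail matching " + ", ".join(sorted(sensitive)))

        if len(rule["name"].strip()) <= 1:
            reasons.append("blank or single-character rule name")

        if reasons:
            findings.append((rule["mailbox"], rule["name"], reasons))
    return findings


if __name__ == "__main__":
    for mailbox, name, reasons in audit_inbox_rules(SAMPLE_RULES):
        print(f"{mailbox} rule {name!r}: " + "; ".join(reasons))
```

Run against a real export, the same three checks give an analyst a short list of mailboxes to review; a rule that only moves newsletters, or forwards to an internal archive address without hiding sensitive mail, is left alone.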
The most common ATO attacks are Business Email Compromise (BEC), to exfiltrate funds or sensitive information, and spearphishing, to gain a deeper foothold inside the company. To safeguard your

1) Conduct ongoing security awareness training, including simulated phishing attacks.
2) Monitor and enforce best-practice password policies and
3) Work with an IT MSP to assess the viability of preventive measures, such as multi-factor authentication (MFA).