Versions Compared

Old Version 17

changes.mady.by.user David Doret (Open Measure)

Saved on

compared with

New Version Current

changes.mady.by.user David Doret

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

...

...

Account Takeover

Table of Contents
minLevel2
maxLevel3
typeflat

Alternative Forms

  • Account Hijacking

  • ATO Acronym

  • Identity Hijacking

  • Identity Takeover

  • Identity Usurpation

Definitions

Definition 1

An Account Takeover is a class of identity theft that consists for where a perpetrator to take takes control of an existing identity of another entity without authorization. A common motivation for account takeover is to earn money by perpetrating fraud.

Conceptual Diagram

...

Examples

  • Eve found that Alice’s dog was named Bob. To takeover her social network account, Eve tried to login as Alice using “BOB” as a password. But because Alice was using MFA, Eve’s nefarious plan failed miserably, even though “BOB” was the right password.

Related Terms

  • Account

  • Credential Theft

  • Identity Theft

  • SIM Jacking

  • True Name Identity Theft

Quotes

The usual technique was to loot whatever customer accounts you could and send the money to compromised accounts at whatever bank was slowest at recovery. Of the £35m lost by UK banks in 2006, over £33m was lost by a single bank. One of its competitors told us that the secret was to spot account takeovers quickly and follow them up aggressively; if money’s sent to a mule’s account, he should find his account frozen before he can walk to Western Union.

...

Typically, identity thieves will use the personal information to obtain credit, merchandise, services in the name of the victim, or false credentials for the thief. This can result in such things as ruining the victim’s credit rating, generating false criminal records, and issuing arrest warrants for the wrong individuals. Identity theft is categorized in two ways: true name and account takeover. True name identity theft means the thief uses personal information to open new accounts. The thief might open a new credit card account, establish cellular phone service, or open a new checking account in order to obtain blank checks. Account takeover identity theft means the imposter uses personal information to gain access to the person’s existing accounts. Typically, the thief will change the mailing address on an account and run up a huge bill before the person, whose identity has been stolen, realizes there is a problem. The Internet has made it easier for an identity thief to use the information they’ve stolen because transactions can be made without any personal interaction.

(Harris, 2007, p. 266)

Bibliography

See Also

Filter by label (Content by label)
showLabelsfalse
sorttitle
cqllabel = "account-takeover"