Account Takeover Attempts
Account Takeover Attempts (ATO's) are a significant problem for gaming sites. A form of ID theft, ATO's access a site's user/customer accounts in an attempt to use them withdraw funds, steal loyalty benefits, change account details, disrupt games and attempt to ruin the player experience and to make unauthorized purchases or initiate unauthorized transactions on another site.
Some of most common ATO attacks are perpetrated using:
- Password Re-use (using the compromised password from one site on another site)
- Credential Stuffing (bulk attempts to gain access to user accounts)
- Malware (that interferes with user sessions)
- Remote Access (gaining control of a user's device)
- Induced Payments (users are tricked into initiating a fraudulent payment).
When successful, ATO's are very costly for a business to resolve. They can damage your brand's reputation, increase chargebacks and disputes, lead to lost revenue and increase customer support costs.