What is ATO — and how are cyber crooks using it against you right now?
- March 26, 2020
- Posted by: Kerry Tomlinson, Archer News
We’re answering your security question, “What is ATO?”
It stands for account takeover.
And with so many people now working from home and shopping from home, cyber criminals are stepping up their game.
Shopping From Home
We’re letting our fingers do the walking, as the old Yellow Pages commercial used to say.
We’re still shopping during isolation and quarantine, but online.
TransUnion reported a 23% rise in e-commerce transactions the week after the World Health Organization declared a coronavirus pandemic on March 11.
That opens up more opportunities for cyber crooks.
One of their tactics is ATO, or account takeover, where attackers break into your email, bank account, Amazon account, work accounts — anything where they can take it over and use it for their own purposes.
TransUnion reports an almost 350% jump in account takeover attacks last year.
And this spring will bring us more, as we spend more time indoors and more time at the screen.
How do they get in?
Phishing is a favorite. They send you, say, a password reset email and wait for you to bite.
They can also guess your password by scoping you out online. For example, if you like boating, your password might be ‘Boat123’.
Attackers also use ‘guessbots’ that automatically try long lists of passwords to see if you are using popular ones or reusing your favorites — also known as credential stuffing.
Plunder and Pillage
What do they do with your accounts?
—Raid you for anything valuable you’ve got, from money to sensitive info to loyalty points.
—Use your email to reset your passwords on all of your other accounts, so they own them all.
—Sell your account on the black market.
—Use your account to trick others.
Attackers often use account takeovers to launch other attacks, like sending out phishing emails to other people, or fooling people into giving up money or data because they think it’s you.
Warner Bros. sued an accounting firm last month for losing $1.3 million to a scheme where cyber attackers took over an email account and diverted money to their own bank account in an attack known as business email compromise, or BEC.
Researchers report a rise in what they call ‘vendor email compromise’.
In this scheme, attackers take over the email accounts of vendors, suppliers and trusted partners, then send realistic invoices from their accounts so other companies fall victim, according to security company Agari.
What can you do about account takeovers?
Try these tactics:
—Use better, longer passwords and use different ones on each account.
—Use multi-factor authentication, where you use not only your password to sign in, but a second step as well.
—Set up alerts for transactions on your bank account and any account that involves payments so you know when someone’s using your money.
—Watch out for messages asking you to reset your password.
If you do receive a message asking you to reset your password, go directly to the website on your own, instead of clicking on the link in the email.
Keep your eye out for coronavirus scams. TransUnion said one in five people surveyed have been a target of coronavirus-related digital fraud.
Research shows that people who are isolated, online and worried about money — like many people during the pandemic — are more likely to fall for cyber scams.