2021 sees increasing and serious data breaches, financial fraud and identity theft on media, EdTech and e-retail platforms, shows Technisanct research

90-100% increase in ATO posts on Dark web


A steep 90-100% rise has been witnessed in Account Take Over posts in India this year, pointing to serious data security breaches and online financial fraud. Most of the crimes target major brands in EdTech, OTT platforms, and e-commerce and e-retail applications, for which many users share common or long-term passwords.

Account Take Over (ATO) refers to online identity theft in which a cybercriminal accesses a bank, e-commerce or OTT account of the victim and siphons funds or steals credit or debit information or loyalty points, sometimes to commit another cybercrime.

According to a study by Kochi-based Technisanct Technologies Private Limited, which assessed 12,000 OTT, 7,500 e-retail and e-commerce and 4,500 EdTech accounts belonging to major brands in India over a period of five months, from January to May 2021, the situation is favourable for ATO because many Indian users are still using passwords that they used in 2014 for a brand that had a data breach at that time.

The study also found that there has been huge demand for OTT user names and passwords since lockdown, and that many of the credentials belonging to Indian brands are regularly put up for sale on Telegram and similar data-sharing platforms on the dark web.

“Using the same password for ease of use, and many digital business companies not imposing two-factor authentication and not prompting users to regularly change their login passwords, fearing that it could create a dent in consumer experience, actually exposes them to the threat of ATO, credential stuffing and credential cracking. Also, many mistake this as a data breach related to brands, which is actually not true,” says Nandakishore Harikumar, Founder & CEO, Technisanct Technologies.

Credential stuffing is an automated web injection attack where hackers use credential information sourced from data breaches to gain access to the victim’s other accounts. Credential cracking is another term for a brute force attack in which hackers will use dictionary lists or common usernames and passwords to guess their way into an account.
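
Defenders can tell these two patterns apart in authentication logs. The sketch below is an added example, not part of the Technisanct study: the event format, the thresholds and the sample events are all assumptions constructed for illustration.

```python
from collections import defaultdict

def build_sample():
    """Constructed login events (source_ip, username, success); not real data."""
    events = []
    # One attempt each against 30 different accounts: replay of a breach list.
    for i in range(30):
        events.append(("203.0.113.7", f"user{i}@example.com", i == 4))
    # 40 guesses against a single account: dictionary / brute force.
    events += [("198.51.100.9", "admin@example.com", False)] * 40
    # An ordinary user who mistyped twice and then logged in.
    events += [("192.0.2.10", "alice@example.com", False)] * 2
    events.append(("192.0.2.10", "alice@example.com", True))
    return events

def classify_sources(events, min_failures=20, stuffing_users=10, cracking_per_user=15):
    """Label each source IP. Thresholds are assumed values; tune them per site."""
    per_ip = defaultdict(lambda: defaultdict(lambda: [0, 0]))  # ip -> user -> [fail, ok]
    for ip, user, ok in events:
        per_ip[ip][user][1 if ok else 0] += 1
    verdicts = {}
    for ip, users in per_ip.items():
        failures = sum(c[0] for c in users.values())
        if failures < min_failures:
            verdicts[ip] = "normal"
            continue
        max_per_user = max(c[0] for c in users.values())
        if max_per_user >= cracking_per_user:
            # Many failed guesses concentrated on one account.
            verdicts[ip] = "credential_cracking"
        elif len(users) >= stuffing_users:
            # Failures spread thinly across many accounts.
            verdicts[ip] = "credential_stuffing"
        else:
            verdicts[ip] = "suspicious"
    return verdicts

def compromised_accounts(events, verdicts):
    """Accounts with a successful login from a flagged source: reset and step up auth."""
    return sorted({u for ip, u, ok in events
                   if ok and verdicts.get(ip, "normal") != "normal"})

if __name__ == "__main__":
    ev = build_sample()
    v = classify_sources(ev)
    print(v)
    print(compromised_accounts(ev, v))
```

A successful login inside a stuffing run is the case that matters most: that account's reused password worked, so it is the one to lock and reset first.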

The other findings made by Technisanct are:

• OTT platforms, mostly premium accounts, took a major hit.

• EdTech industry’s credentials are popular in Telegram platforms.

• The screenshots of premium account dashboards are sold widely.

• Multiple sign-ins with the same password are under threat.

• Many users do not change their password often; some are the same from the first signup.

• The e-mail IDs and passwords were from a single third-party breach in a travel portal in 2019.

• Cultivate the habit of using strong password protection methods, especially among the young consumers of EdTech brands.

• Retail industry accounts are traded with wallet balance details.

• Easy access to the platforms in Telegram makes ATOs popular.
