arrow left facebook twitter linkedin medium menu play circle

What Fraudsters Are Doing with Breached Data

DataVisor Attack Techniques Blog

By Priya Rajan December 20, 2018

Photo of Priya Rajan

about Priya Rajan
Priya is the VP of Marketing at DataVisor. She brings to her role two decades of experience holding leadership positions in high-growth technology organizations, including industry leaders VISA and Cisco, and Silicon Valley unicorns Nutanix and Adaptive Insights.

We recently published a blog post that covers several massive data breaches including Equifax, Facebook, and Marriott. According to a recent report by Gemalto, approximately 944 data breaches occurred in the first half of 2018 alone. And these data breaches caused about 3.3 billion data records to be compromised. This post highlights some of what fraudsters are doing with breached data- namely committing many different types of online fraud.

Account Take Over

Account takeover (ATO) is where a fraudster takes over an account using the online credentials of the account holder. Account takeover increased 45% in Q2 2017 costing online merchants an estimated 3.3 billion dollars. Some data breaches result in the leak of login credentials (usernames and passwords) which fraudsters use to take over user accounts. Fraudsters also use sophisticated tools and techniques to take over accounts such as botnets and brute-force attacks.

Credential Stuffing

Credential stuffing is a type of attack, usually automated, used to take over user accounts. Fraudsters use stolen credentials such as email addresses, usernames, and passwords to gain access to website and web app user accounts. The fraudster typically uses an automated script or tool that enters credential pairs repeatedly into websites or web apps until the credentials are matched to an account or multiple accounts. When the fraudster discovers a match, they can then take over the account and use it for fraudulent purposes.

Credit Card Fraud

According to the Identity Theft Resource Center (ITRC), more than 14 million credit card and debit card numbers were exposed in 2017 because of data breaches. Recent data breaches involving the leak of credit card numbers include Saks Fifth Avenue, Lord & Taylor, Newegg, and British Airways. Fraudsters use stolen credit card numbers not only to buy big-ticket items but also to commit different types of fraud such as card testing and triangulation fraud.

Application Fraud

Many fraudsters use stolen personal information for application fraud. Application fraud is where a fraudster applies for a loan or a line of credit but has no intention of paying back the lender. Fraudsters often cultivate loan accounts over time emulating authentic-looking credit account activity. Building authentic looking credit allows a fraudster to gain access to even more credit. When the time is right, the credit lines are maxed out.

Synthetic Identity Fraud

Some fraudsters commit application fraud using an identity that is comprised of personal information from different people or a combination of real and fake personal information. This identity fraud technique is called synthetic identity fraud. For example, a fraudster could submit a loan application that includes a real, but stolen, social security number. But the name, date of birth, and home address could be from the identities of a different person or multiple people. Synthetic identity fraud costs lenders and financial institutions billions of dollars every year.

A Wealth of Stolen Data to Choose From

More than 6 million data records are lost or stolen every day according to Gemalto’s Breach Level Index. And much of that data is made available to fraudsters via dark web marketplaces. Fraudsters today have a wealth of stolen data to choose from- consumer names, social security numbers, credit card numbers, login credentials, birth dates. And fraudsters are figuring out new and innovative ways to commit online fraud with stolen personal data.

The question is no longer “if a data breach happens” but rather “when the data breach happens.” While minor inconveniences following the data breach might be seemingly tolerable for consumers (like getting their credit cards reissued), there are broader implications associated with the data and personal information being exposed. While organizations need to take preventative measures against data breaches, they also need to protect themselves against any fraudulent activity that might follow the data compromise.

DataVisor helps organizations continuously monitor user accounts for emerging threats and fraud attacks resulting from new accounts being opened with stolen credentials, account takeovers and other malicious activities that result in reputational and financial loss.


Popular Posts

Intelligent solutions. Informed decisions. Unrivaled results.

DataVisor Fraud Index Report: Q2 2019

Learn More

The DataVisor Q2 2019 Fraud Index Report is here.

Customers online want convenience, ease, and access. Fortunately, your business offers it all. Unfortunately, that’s what fraudsters want too. To a cyber criminal, those features means vulnerabilities. To bring you the very latest and most actionable insights about where the risks are and what you…

Dumb & Dumber vs Ocean’s 11

Learn More

Understand the range of modern fraud attacks to ensure complete coverage for your organization.

Complex and coordinated fraud attacks that are extensively planned, hard to detect, and highly scalable are the new normal for online platforms. Explore and understand the full spectrum of fraud attacks—from simple to sophisticated—and learn how you can defend against each type in this…

Diagnose and Defeat Application Fraud with the Latest AI-Powered Tools

Learn More

Learn how leading financial institutions are using ML to proactively detect card application fraud.

In this insightful webinar, you’ll explore how organizations are leveraging AI-powered fraud management solutions to get tangible, real-world benefits as they work to proactively detect and defeat sophisticated modern fraud attacks. Plus, you’ll discover strategies for empowering cross-team…


Protect your business, your customers, and your data.

Request Demo