arrow left facebook twitter linkedin medium menu play circle

What Fraudsters Are Doing with Breached Data

DataVisor Attack Techniques Blog

By Priya Rajan December 20, 2018

Photo of Priya Rajan

about Priya Rajan
Priya brings over 18 years of experience from high growth technology organizations including industry leaders (VISA, Cisco) and Silicon valley unicorns (Nutanix, Adaptive Insights). In her most recent roles in the anti-fraud industry, Priya led the product marketing, content and field marketing efforts and helped to power growth in US and EMEA markets.

We recently published a blog post that covers several massive data breaches including Equifax, Facebook, and Marriott. According to a recent report by Gemalto, approximately 944 data breaches occurred in the first half of 2018 alone. And these data breaches caused about 3.3 billion data records to be compromised. This post highlights some of what fraudsters are doing with breached data- namely committing many different types of online fraud.

Account Take Over

Account takeover (ATO) is where a fraudster takes over an account using the online credentials of the account holder. Account takeover increased 45% in Q2 2017 costing online merchants an estimated 3.3 billion dollars. Some data breaches result in the leak of login credentials (usernames and passwords) which fraudsters use to take over user accounts. Fraudsters also use sophisticated tools and techniques to take over accounts such as botnets and brute-force attacks.

Credential Stuffing

Credential stuffing is a type of attack, usually automated, used to take over user accounts. Fraudsters use stolen credentials such as email addresses, usernames, and passwords to gain access to website and web app user accounts. The fraudster typically uses an automated script or tool that enters credential pairs repeatedly into websites or web apps until the credentials are matched to an account or multiple accounts. When the fraudster discovers a match, they can then take over the account and use it for fraudulent purposes.

Credit Card Fraud

According to the Identity Theft Resource Center (ITRC), more than 14 million credit card and debit card numbers were exposed in 2017 because of data breaches. Recent data breaches involving the leak of credit card numbers include Saks Fifth Avenue, Lord & Taylor, Newegg, and British Airways. Fraudsters use stolen credit card numbers not only to buy big-ticket items but also to commit different types of fraud such as card testing and triangulation fraud.

Application Fraud

Many fraudsters use stolen personal information for application fraud. Application fraud is where a fraudster applies for a loan or a line of credit but has no intention of paying back the lender. Fraudsters often cultivate loan accounts over time emulating authentic-looking credit account activity. Building authentic looking credit allows a fraudster to gain access to even more credit. When the time is right, the credit lines are maxed out.

Synthetic Identity Fraud

Some fraudsters commit application fraud using an identity that is comprised of personal information from different people or a combination of real and fake personal information. This identity fraud technique is called synthetic identity fraud. For example, a fraudster could submit a loan application that includes a real, but stolen, social security number. But the name, date of birth, and home address could be from the identities of a different person or multiple people. Synthetic identity fraud costs lenders and financial institutions billions of dollars every year.

A Wealth of Stolen Data to Choose From

More than 6 million data records are lost or stolen every day according to Gemalto’s Breach Level Index. And much of that data is made available to fraudsters via dark web marketplaces. Fraudsters today have a wealth of stolen data to choose from- consumer names, social security numbers, credit card numbers, login credentials, birth dates. And fraudsters are figuring out new and innovative ways to commit online fraud with stolen personal data.

The question is no longer “if a data breach happens” but rather “when the data breach happens.” While minor inconveniences following the data breach might be seemingly tolerable for consumers (like getting their credit cards reissued), there are broader implications associated with the data and personal information being exposed. While organizations need to take preventative measures against data breaches, they also need to protect themselves against any fraudulent activity that might follow the data compromise.

DataVisor helps organizations continuously monitor user accounts for emerging threats and fraud attacks resulting from new accounts being opened with stolen credentials, account takeovers and other malicious activities that result in reputational and financial loss.


Popular Posts

Intelligent solutions. Informed decisions. Unrivaled results.

DataVisor Fraud Index Report: Q1 2019

Learn More

Access proprietary data and research results to discover the latest attack techniques and prevention strategies.

Download the Q1 2019 Fraud Index Report from DataVisor to receive unparalleled data-driven insights into the latest attack trends, and the most effective prevention strategies, based on analysis of over 44 billion events, 800 million users, 396 million IP addresses, and more.

Dumb & Dumber vs Ocean’s 11

Learn More

Understand the range of modern fraud attacks to ensure complete coverage for your organization.

Complex and coordinated fraud attacks that are extensively planned, hard to detect, and highly scalable are the new normal for online platforms. Explore and understand the full spectrum of fraud attacks—from simple to sophisticated—and learn how you can defend against each type in this…

Guard Your Online Marketplace Against Fraud

Learn More

Discover AI-powered fraud strategies for preventing financial and reputational damage in this powerful eBook.

Online marketplaces withstand a complicated array of fraud attacks—spam, scam, and all points in between. Only the most comprehensive, proactive AI-powered solutions can fully protect against reputational and financial damage. This eBook details the entire lifecycle of a fraud attack, and lays out…


Protect your business, your customers, and your data.

Request Demo