TRENDING:

Fraud Management & Cybercrime , Social Engineering

How Account Takeovers Subvert Victims' Social Networks

Agari's Markus Jakobsson Describes Account Takeover Defenses Mathew J. Schwartz (euroinfosec) • April 24, 2018    
Markus Jakobsson, chief scientist, Agari

Phishing attacks, spoofing someone's email address or phone number, and running CEO fraud scams - aka business email compromise - are typically not technically sophisticated attacks. But attackers rarely bother with technical sophistication when easy social engineering schemes, such as "hacking" a victim's social network and using it against them, can give them what they want, says Markus Jakobsson, chief scientist at the cybersecurity firm Agari.

See Also: OnDemand | Understanding Human Behavior: Tackling Retail's ATO & Fraud Prevention Challenge

And it should come as no surprise, he says, that account takeover attacks, in particular, have been increasing as attackers double down on low-cost, high-impact strategies for perpetrating fraud.

In a video interview at RSA Conference 2018, Jakobsson discusses:

  • The rise of account takeover incidents;
  • Why attackers favor account takeovers;
  • Examples of how these attacks are launched and why they can be so successful.

Jakobsson is chief scientist at Agari, CTO of ZapFraud and a technical advisory board member for Stealth Security. He has more than 20 years of experience as a security researcher and scientist studying phishing, crimeware and mobile security at such organizations as PayPal, Palo Alto Research Center - PARC - and RSA Security.

Previous
Identity Changes With Fusion of Public, Private Trust Models
Next
DDoS 2018: How IoT Is Fueling Attacks

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.



Around the Network

How a CEO Runs a Company in Wartime
How a CEO Runs a Company in Wartime
Israel-Hamas War: 'We All Know Someone That Lost Someone'
Israel-Hamas War: 'We All Know Someone That Lost Someone'
Why Hospitals Should Beware of Malicious AI Use
Why Hospitals Should Beware of Malicious AI Use
Getting a Tighter Grip on Vendor Security Risk in Healthcare
Getting a Tighter Grip on Vendor Security Risk in Healthcare
Mapping Access - and Attack - Paths in Active Directory
Mapping Access - and Attack - Paths in Active Directory
Good Governance: 'It's All Hygiene'
Good Governance: 'It's All Hygiene'
How Biden's AI Executive Order Will Affect Healthcare
How Biden's AI Executive Order Will Affect Healthcare
Stopping Cloud Workload Attacks
Stopping Cloud Workload Attacks
Mapping the Unseen Vulnerabilities of Zombie APIs
Mapping the Unseen Vulnerabilities of Zombie APIs
Supporting CISA - The 'Focal Point of Our Defensive Efforts'
Supporting CISA - The 'Focal Point of Our Defensive Efforts'

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.