A Fortune 200 global company with a large eCommerce website stops large account takeover attack.
Enterprise – eCommerce retailer
Account Takeover Fraud: The merchant’s fraud team identified a large-scale, highly sophisticated ATO fraud scheme occurring. The fraudsters seemed to be testing the systems using a variety of order channels, geo locations, product types and order sizes, etc. Due to the sheer volume of orders, automation was suspected immediately. The initial investigation led the merchant to believe this was a large test of their security and response posture.
o Several hundred orders came in from a couple hundred accounts across multiple channels over a period of two months.
o Over half of the orders came with a credit declined status (testing logic).
o Bot traffic increased substantially on the second day of the attack.
o Most static data points matched perfectly (IP, email, CC).
o Attempts were made using all channels.
High volume ATO attack (red), good customers (green)
NuDetect was selected because of its advanced ability to detect sophisticated fraud schemes across multiple channels.
o Suspicious activity was detected and passive biometrics and behavioral analysis were then deployed to determine whether there was malicious automation.
Results / Benefits
o Leveraged a real-time interdiction to stop the automation.
o Good customers were not affected by the interdiction methods.
High volume ATO attack (red), good customers (green) were not affected by attack or interdiction method
Mitigated: just under $1 million
The merchant saw an immediate drop-off in automated activity once passive biometrics and behavioral analytics were deployed. Have not seen any automated attacks against these specific pages since NuDetect went live.
“Right decision made! It’s always challenging to prevent something that has not yet occurred, then when something does happen and can be mitigated with relative ease, brings confidence in the right decision.”