Holiday Season Risks: Account Takeover Fraud

The holiday season is a critical time for all businesses, especially amid the coronavirus. 84% of eCommerce businesses say the 2020 season is critical for catching up on sales or recovering from the economic downturn, according to Kount’s holiday survey.

To survive and thrive in the holiday season, businesses need to ensure they’re not only providing fraud-free eCommerce interactions but also seamless customer experiences. 6 in 10 consumers in the Kount holiday survey say they are most concerned about data breaches when online shopping. Without the right fraud detection and prevention system, online businesses risk exposure to attacks including account takeover fraud.

What is account takeover fraud?

Account takeover fraud occurs when a bad actor, such as a fraudster, bot, or botnet, gains control of a customer’s account. Once they have access to the account, they can engage in unauthorized transactions, drain stored value, steal personal information, and more. Armed with stolen data, including payment information, a bad actor can initiate fraudulent transactions. These transactions can increase chargebacks and related fees and penalties for eCommerce businesses. Further, account takeover creates poor customer experiences and damages a brand’s reputation.

3 ways account takeover fraud can disrupt and damage businesses

1. It can steal a customer’s loyalty points

A good loyalty program encourages consumers to become repeat customers. Customers can earn valuable rewards from purchases to spend on additional goods and services. Bad actors target customer accounts and use stolen credentials or other forms of account takeover to steal, sell, or spend the customer’s loyalty points.

Loyalty programs can be essential for keeping customers and incentivizing them to spend more with a business. But lost rewards can drive customers away. Just one incident can erode a customer’s hard-won trust and send them to competitors.

2. It can compromise a customer’s data

Malicious bots use credential stuffing and brute-force attacks to crack a customer’s account and steal their information. The perpetrators then sell the customer’s information or use the customer’s credentials to access additional accounts.

Stolen customer information can open a company up to direct liability from the customer. That’s in addition to damaging consumer trust in the brand.

3. It can damage a brand’s reputation

Large account takeover attacks make the news. But even smaller businesses may have to disclose cyberattacks to customers.

The holiday season is short. Damage to a brand, even if ultimately repaired, can dry up profits at a critical time. Prospective customers may avoid a brand that has recently fallen victim to an attack. And existing customers caught in the attack may not return.

How to prevent account takeover fraud

Detect account takeover

Implement account takeover protection to detect and stop attacks that may increase with holiday eCommerce activity. A system that can protect customer information can help businesses avoid damage to their brand reputation and operations.

Detect malicious bots

Deploy bot protection that can prevent malicious attacks like credential stuffing, password spraying, or brute force to access customer information. Detecting bots can help protect the operational infrastructure that maintains accurate shipping and delivery windows.

Everything to know about the 2020 holiday season

Account takeover fraud is just one risk businesses need to mitigate in the 2020 holiday season. Visit Kount’s 2020 Holiday Fraud Protection guide, and assess all five risks. Plus, get invaluable insights on consumer spending trends, and download the fraud prevention checklist.

Latest Posts


Schedule a Demo

Conveniently schedule a call with sales to discuss your fraud protection strategy.