Stay Safe: What is an Account Takeover?

Key takeaways

• Binance is launching a new blog series titled “Stay Safe,” which will detail account takeovers.

• Account takeovers are a form of identity theft, where cybercriminals take over online accounts using stolen personal information.

• Nowadays, personal and professional account hacks are becoming more and more common.

Presentation

In today's digital age, which offers Internet users the ability to store their sensitive information online, there is growing concern about account hacks. The frequency of data breaches is on the rise, and criminals are constantly looking for vulnerabilities that they can exploit. The increasingly sophisticated techniques used by attackers, the growing adoption of teleworking and digital transactions as well as the increased value of stolen data are all factors contributing to the alarming increase in account takeovers. .

To help users protect themselves from the increase in account hacks, Binance is launching a new series of blog articles which will focus on the various facets of such hacks and will indicate how to protect yourself from them. This blog article describes the mechanics of account takeover attempts, how to spot them, and their consequences.

What is an account takeover and how does it happen?

An online account is said to be hacked when a criminal gains unauthorized access, most often by stealing the victim's login credentials following a phishing scam, an engineering attack social or brute force, to name just a few methods.

Once the hacker has access to the account, he/she can make purchases, transfer money or retrieve sensitive data. Account takeovers therefore have serious effects on both individuals and businesses.

The objectives of hacking depend on the motivations of the criminal, for example:

• Monetary gains: The hacker could use their victim's account to make purchases, transfer money or steal sensitive financial data.

• Identity theft: The attacker steals their victim's personal information such as their name, address and social security number to commit fraud.

• Espionage: The criminal gains access to the victim's account to steal sensitive data such as trade secrets or confidential information.

• Malicious activity: The criminal uses their victim's account to engage in malicious activities such as spreading malware or launching a denial of service (DDoS) attack.

Attackers use various tactics to gain access to user accounts, including:

• Brute force attacks: The scammer uses automated tools to guess a user's login credentials. The tools in question try a large number of password/username combinations.

• Social engineering: the criminal deceives or manipulates the user so that the latter reveals their login credentials.

• Phishing scams: the criminal sends an email or message that appears to come from a legitimate source such as a bank or social network. This email invites the recipient to click on a link and enter their login credentials.

• Malware: The attacker uses malware to compromise the security of the user's device.

• API attacks: the criminal uses, or attempts to use, an API in a hostile manner in order to access user data. These attempts aim to exploit vulnerabilities in business logic, thereby forcing APIs to behave in ways their creators did not intend.

When the attacker gains possession of the account, he/she can change the password and cut off all access to its legitimate owner.

The characteristics of a hacked account

Spotting a hacked account is sometimes difficult, especially after the fact. However, there are some warning signs to look out for.

Unusual activity

Stay alert for any unusual account activity, such as unauthorized purchases, changes to your settings, or strange logins from unknown devices. Login attempts from unknown locations or IP addresses may also indicate that a third party is trying to take control of your account.

Account credentials changed

As soon as a criminal manages to take over an account, he/she attempts to change its identifiers in order to prevent its original owner from accessing it. In some cases, the hacker will modify multiple accounts at once (i.e., change your email, social media, and YouTube account IDs). When such measures are taken on multiple accounts, it most often means that an account hack has been successful.

Unknown devices

Cybercriminals often disguise their equipment using the method known as IP spoofing. The system identifies devices with spoofed identities as “unknown,” making them more difficult to track. An unusually high number of unknown devices associated with your account is a reliable indicator of an imminent hacking attempt.

Log in to multiple accounts, from a single device

Sometimes, criminals don't bother to disguise or hide their devices when logging into multiple accounts; these then find themselves associated with a single device.

The consequences of account hacks on people and businesses

Account hacks can have serious consequences for both individuals and companies. For individuals, they can result in loss of money, theft of their identity and damage to their reputation. For businesses, this could mean data breaches, loss of money, fines, damage to their reputation and the trust placed in them by their customers.

Any person or entity with an online account is at risk of it being hacked, but some groups are more at risk than others, including:

• Well-known personalities: Criminals are more likely to target celebrities or political figures in order to steal sensitive information or commit fraud.

• Businesses: Hacks particularly target businesses, as they typically retain large amounts of sensitive information and financial data.

• Older adults: Seniors are sometimes more exposed to hacks because they are often less aware of online security best practices and more likely to believe in scams.

How do I prevent an account from being hacked?

Account hacks are causing growing concern among both Internet users and businesses. It is crucial to protect yourself properly by putting proactive measures in place such as strong passwords, two-factor authentication and exercising caution around suspicious emails or messages.

The Binance security team continuously monitors suspicious activity and optimizes its security measures. As soon as we receive a report of an account hack from a user, we begin a thorough investigation into the causes and do everything in our power to help victims.

While Binance does everything possible to keep your account secure, you are also able to take responsibility for your own security: by following the advice in this article, you will help us protect your sensitive information and reduce your risks to be the next victim of an account hack. If you believe your Binance account may have been compromised, contact customer support as soon as possible.

The next article in our “Stay Safe” series is coming soon, covering how attackers steal your login credentials and what you can do to stop them.

For more information

• Secure Your Binance Account in 7 Simple Steps

• How to Survive Scams: The Complete Guide to the Most Common Crypto Scams

Disclaimer and Risk Warning: This content is presented to you “as is” for general information and educational purposes only, without representation or warranty of any kind. It should not be construed as financial advice, nor as a recommendation to purchase a specific product or service. Prices of digital assets can be volatile. The value of your investment may go down as well as up and you may not get back the amount you invested. You are solely responsible for your investment decisions and Binance is not responsible for any losses you may incur. This does not constitute financial advice. Please see our Terms of Use and Risk Disclaimer for more information.