What Is Account Takeover?

Account Takeover definition and explanation.

Account takeover happens when a fraudster gains unauthorized access or control over a legitimate customer’s account. Account takeover (account compromise) attacks mainly target SaaS web applications. If the ATO attack is successful, the malicious actor can act on behalf of the legitimate account owner. Account takeover typically uses automated attacks such as credential stuffing.

97% of the world's largest 1,000 organizations had their credentials exposed in 2016. Billions of leaked credentials are exposed online every year. Cybercriminals are increasingly turning to credential stuffing tools to automate attempts at account takeover, making these leaked credentials very useful for them.

Digital Shadows report