chat
expand_more

Account Takeovers Exposed: Key Statistics You Need to Know

Account takeover allows threat actors to steal sign-in credentials and access an organization's network. Read some eye-popping stats about ATO cost and frequency.
November 28, 2023

Account takeovers (ATO) have become a significant concern for organizations of all sizes and industries. These attacks are an especially damaging form of identity theft and fraud in which a threat actor gains access to a user’s account credentials. This puts the organization at risk of leaking sensitive information and falling prey to fraudulent requests for financial transactions. To make matters worse, these attacks can go undetected for months.

ATOs can occur in various ways—through session hijacking due to authentication token theft or forgery, traditional phishing, social engineering, credential stuffing, or even SMS or voice phishing. In essence, these threats are enabled by a combination of advanced attack methods and weak security measures.

To shed light on the prevalence and impact of account takeovers, we’ll delve into the latest statistics surrounding this type of cyber threat. By understanding the scope of the problem, businesses can better prepare themselves to detect, prevent, and mitigate the risks associated with account takeovers.

1. Approximately 26% of Companies Are Targeted by Weekly ATO Attempts

Unfortunately, account takeovers have become increasingly common over the past year. A quarter of companies (26%) say they are targeted by an ATO attempt each week.

Thankfully, not every ATO attempt is successful. Many are stopped by keen-eyed security teams or stymied by sophisticated cybersecurity solutions. Due to the high frequency of these attacks, it’s important for organizations to prioritize stopping ATOs in their tracks.

2. It Takes an Average of 11 Months to Resolve a Breach Caused by Stolen Credentials

On average, it takes 11 months to resolve a breach caused by stolen credentials, according to the IBM 2023 Cost of a Data Breach Report. This includes 240 days to identify the breach and another 88 to contain and resolve it. That’s almost a year, and each day is another opportunity for the attacker to harm your organization.

One of the reasons for the long life of these attacks is that 67% of organizations are not detecting account compromise on their own, making it crucial for organizations to leverage third-party cybersecurity solutions to help address ATO.

3. Organizations with 50,000+ Employees Have a 60% Chance of a Successful ATO Each Week

Organizations with a large number of employees offer threat actors more surface area for attacks. In fact, companies with more than 50,000 employees have a 60% chance of a successful ATO each week.

Successful attackers can then burrow deeper into organizations through emails, third-party applications, sensitive files, and more based on their privileged status. And with such dispersed networks of remote workers or employees across multiple offices, it’s easy to miss potential warning signs.

4. Nearly 80% of Fortune 1000 Organizations Have at Least One Compromised Account

Even top-tier companies are susceptible to ATO. In fact, they may even be hot targets for threat actors who recognize the value and reputation of these organizations. Nearly 80% of Fortune 100 organizations have at least one compromised account, according to Abnormal data.

Executives and members of financial services organizations are obvious targets. But attackers will compromise any account they can in hopes of climbing the corporate ladder, so to speak, with additional attacks against other employees.

5. The Average Breach Caused by Stolen Credentials Costs Organizations $4.62M

In addition to the frequent and widespread occurrence of ATO, it also bears a hefty price tag. According to the aforementioned IBM report, the average breach caused by stolen credentials costs organizations $4.62 million. That’s a substantial hit to an organization’s wallet and potentially a fatal hit to some.

Defend Against ATO With a Sophisticated Security Solution

ATO attempts are frequent, costly, and difficult to detect, making them a top concern for organizations and security professionals.

Abnormal is an advanced security solution that detects compromised email accounts and unusual or malicious user behavior. By recreating the crime scene in detail, Abnormal provides security teams with conclusive evidence to take action. Better still, Abnormal proactively kicks attackers out of hijacked Microsoft 365 accounts and remediates emails sent from compromised accounts. With total visibility into internal-to-internal email traffic, Abnormal prevents lateral phishing attacks often associated with ATO.

In the same way that you can cancel credit cards or debit cards before a thief has the opportunity to use them, Abnormal helps security teams take proactive steps to stop ATO. Abnormal can even detect ATOs already hidden within your network, thereby providing full defenses for your organization.

Interested in learning more about account takeovers and how you can stay protected with Abnormal? Schedule a demo today!

Schedule a Demo
Account Takeovers Exposed: Key Statistics You Need to Know

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

Get AI Protection for Your Human Interactions

Protect your organization from socially-engineered email attacks that target human behavior.
Request a Demo
Request a Demo

Related Posts

B Proofpoint Customer Story Blog 8
A Fortune 500 transportation and logistics leader blocked more than 6,700 attacks missed by Proofpoint and reclaimed 350 SOC hours per month by adding Abnormal to its security stack.
Read More
B Gartner MQ 2024 Announcement Blog
Abnormal Security was named a Leader in the 2024 Gartner Magic Quadrant for Email Security Platforms and positioned furthest for Completeness of Vision.
Read More
B Gift Card Scams Tricker to Spot Blog
Learn why gift card scams are becoming more difficult to identify, how cybercriminals evolve their tactics, and strategies to protect your organization.
Read More
B Offensive AI 12 16 24
Learn how AI is used in cybersecurity, what defensive AI vs. offensive AI means, and how to use defensive AI to combat offensive AI.
Read More
B Proofpoint Customer Story Blog 7
See how Abnormal's AI helped a Fortune 500 insurance provider detect 27,847 threats missed by Proofpoint and save 6,600+ hours in employee productivity.
Read More
B Cyberattack Forecast Emerging Threats Blog
Uncover the latest email threats and strategies to strengthen your cybersecurity and prepare for 2025.
Read More