SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
Story image

One in eight in UK faces online account security breaches

Fri, 1st Nov 2024

New research by Thales indicates that one in eight UK residents has experienced an online account breach, underscoring the prevalence of cybersecurity unawareness.

The study surveyed 2,000 UK consumers and revealed that 12% have had an online account compromised. Furthermore, 10% of respondents admitted to lacking confidence in identifying signs of such security breaches.

Account takeover attacks, a common method of breaching online accounts, often utilise automated processes. These attacks involve tactics like credential stuffing, where bots test numerous combinations of passwords to gain access. Once inside, the attacker can alter account details, make purchases, extract personal information, or completely lock the account owner out. This scenario is comparable to an intruder taking over a household.

The 2024 Imperva Bad Bot Report highlights the rising threat of account takeover (ATO) attacks, noting a 10% increase year-on-year. The report further details that 11% of all online login attempts are now linked to ATO activities. This rise is attributed to a significant surge in malicious bot traffic, comprising almost a third of all internet traffic.

Key indicators of a compromised account include unusual account activities, unexpected password changes, and being locked out despite entering the correct password. Additional signs encompass alerts regarding unfamiliar logins from unknown devices or locations, security warnings from service providers, and new accounts linked to an individual's email or social media without their knowledge. Moreover, friends or contacts may receive unsolicited messages appearing to be from the account holder.

Tim Ayling, Vice President of Cyber Security Solutions EMEA at Imperva, a Thales company, commented, "Account takeover attacks are becoming increasingly prevalent, driven largely by the rise in malicious bot traffic. Our latest research highlights that these automated threats now account for nearly one-third of all internet traffic, significantly contributing to the surge in account takeovers. This Cybersecurity Awareness month, we are dedicated to raising awareness and working with organisations to protect consumers across all their online experiences."

In the event of an account breach, several steps are recommended to mitigate damage. It is crucial to immediately change passwords, ensuring they are robust and not easily guessed. Enabling two-factor authentication (2FA) adds an additional security layer by requiring a secondary verification form, such as a code sent to a mobile device. Informing the service provider about the breach can assist in regaining account control and securing it. Conducting a comprehensive malware scan using reputable antivirus software is also essential to eliminate potential threats to the account.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X