Global Retailer Defends $5B Gift Card Program
Global retailers with gift card programs are vulnerable to account takeover and credential stuffing attacks, resulting in millions of dollars of losses per year.
With online retailers' login pages as the primary target, automated credential stuffing attacks test large numbers of stolen credentials and successfully identify and take over legitimate accounts.
Account Takeover attempts/day
deflected for major US bank
Top 5 Bank Prevents Account Takeover and Unauthorized Content Scraping
Financial institutions are prime targets for cybercriminals intent on taking over accounts for monetary gain. Large-scale automated attacks on financial institutions can rapidly test out millions of stolen credentials, and with even a 1 - 2% success rate, cyber fraud losses easily reach millions of dollars.
Increasing use of financial aggregator apps, and unauthorized content scraping of account balances and transaction history is creating compliance headaches for financial institutions. Looking to lower risk, financial institutions are seeking avenues to block unauthorized content scraping and direct legitimate traffic to approved APIs.
International Airline Fights Back Against Scraping Bot
Airline companies rely on their web and mobile applications to provide flight information and manage frequent flyer accounts. Automated attacks that closely mimic legitimate search and login attempts evade traditional security defenses, including web application firewalls (WAFs), IP reputation checkers and rate limiters.
Frequent flyer accounts are major targets for credential stuffing attacks, causing not only monetary loss from re-sale of stolen award tickets, but also damage to airline reputation and brand. Content scraping attacks extract route and fare information for repackaging and sale by aggregators.
Major Healthcare Insurer Deflects Application Layer DDoS Attack
Insurance company website applications service millions of customers, providing extensive information on providers, benefits, and plans. Online search is an important website feature for users to find the information they need.
Sophisticated automated application layer DDoS attacks can now evade traditional DDoS protections resulting in blocking of customer access to website features such as search, resulting in loss of revenue and customer trust.
Government Agency Reduces Fraud and Protects Citizen Information
The US government serves over 100M households and processes $2T in payment and benefit value. Protecting citizen accounts containing sensitive information is an increasingly challenging task.
Cybercriminals now combine intelligent automation techniques with information stolen from other, unrelated data breaches to attempt account takeover of targeted citizen accounts, with the goal of redirecting benefits and payments.