Increased Cases of Accounts Takeover in Nigeria

Systems Networks Mobile Networks and Telephones
Advisory ID:
October 11, 2022


A series of Account Takeover (ATO) incidents has been reported to Nigeria's ngCERT. An ATO attack occurs when cybercriminals gain access to a user's credentials in order to compromise the user's account. This poses numerous risks to the individual and to the organization that he or she represents, as a compromised account gives cybercriminals a foothold for future attacks. Once inside, they frequently change the user's credentials, effectively locking the user out.

Description & Consequence

Cybercriminals have devised a number of methods for obtaining user credentials. Some of the methods are highlighted below:

  1. Phishing: This is the practice of sending malicious emails to targets in order to trick them into disclosing sensitive information such as login credentials.
  2. Malware: By infecting a target device with malware such as a keylogger, spyware, or banking Trojan, cybercriminals can gain access to user credentials and use them to take over a user's account.
  3. Brute-force attacks: A method of trial and error in which an automated script is used to guess multiple passwords against an account in the hopes of eventually finding one that works.
  4. Credential Stuffing: When usernames and passwords are leaked in a data breach, cybercriminals will attempt to gain unauthorized access to other accounts with the same username by using the leaked password, because most people use the same password across multiple accounts.
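
From the defender's side, the brute-force and credential-stuffing methods listed above leave different traces in authentication logs: many failures against one account, versus a few failures against many accounts from one source. The following is an added example, not part of the ngCERT advisory; the event format, thresholds, function name and sample data are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample events: (source_ip, username, login_succeeded)
SAMPLE_EVENTS = (
    [("203.0.113.10", "ada", False)] * 6                       # one account, many guesses
    + [("198.51.100.7", f"user{i}", False) for i in range(6)]  # many accounts, one try each
    + [("198.51.100.7", "user6", True)]                        # one leaked pair worked
    + [("192.0.2.44", "bola", False), ("192.0.2.44", "bola", True)]  # ordinary typo
)

def classify_sources(events, min_failures=5, min_accounts=5):
    """Label each source IP by its failure pattern (thresholds are assumptions)."""
    failures = defaultdict(lambda: defaultdict(int))  # ip -> username -> failed count
    successes = defaultdict(set)                      # ip -> usernames that logged in
    for ip, user, ok in events:
        if ok:
            successes[ip].add(user)
        else:
            failures[ip][user] += 1

    report = {}
    for ip, per_user in failures.items():
        total = sum(per_user.values())
        if len(per_user) >= min_accounts and total / len(per_user) <= 2:
            # Many distinct accounts, only a try or two each: leaked pairs being replayed.
            pattern = "credential_stuffing"
        elif max(per_user.values()) >= min_failures:
            # Repeated guesses against a single account.
            pattern = "brute_force"
        else:
            continue  # a few failures, e.g. a mistyped password
        # A successful login from a flagged source marks an account to lock and reset.
        report[ip] = {
            "pattern": pattern,
            "targeted": sorted(per_user),
            "possibly_compromised": sorted(successes[ip]),
        }
    return report

if __name__ == "__main__":
    for ip, finding in classify_sources(SAMPLE_EVENTS).items():
        print(ip, finding)
```

Grouping by source address alone misses attempts spread across many addresses, so a production rule would also group by account and by time window.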

The implications of ATO are numerous. If cybercriminals gain access to one's banking apps, they can use them to transfer money from one's account. If an employee's account is compromised, it can also be used to phish within an organization. Furthermore, it can be used to steal sensitive information from the organization or insert malware into the network. The potential for harm is enormous.


Here are some ways to reduce the risk of falling victim to an ATO:

  1. Apply rules of password complexity when creating passwords; also, use different passwords for different accounts. Using a password manager simplifies this process.
  2. Change passwords periodically.
  3. Enable multi-factor authentication (MFA) on all accounts.
  4. Install effective anti-malware solutions on all devices; ensure they are always up to date.
  5. Keep abreast of phishing techniques and take preventative measures.


