Account Takeover Fraud , Fraud Management & Cybercrime , Fraud Risk Management

Compromised Credentials, Account Takeover, and Intelligence-Driven Password Policies

Visibility into the Illicit Communities where Credentials are Leaked

As the methods used by threat actors to steal credentials evolve and leaked data is readily available online, defenders are at an ongoing disadvantage and increasingly vulnerable to account takeover, fraud, and misuse.

Flashpoint's Evelyn French, Senior Analyst I, Tactical Monitoring, and Ian Gray, Director of Threat Intelligence, Americas, examine how visibility into the illicit communities where credentials are leaked can help organizations establish or refine password policies.

This video highlights:

  • Sources: The various cybercrime communities where threat actors solicit, share, and sell password information
  • Lifecycle: How quickly breached credentials are acquired and made available on illicit communities, how long they are circulated and at what price, and how the threat actors who purchase these credentials attempt to monetize them
  • Economy: How brute force software is developed, what VPS and proxies are preferred by threat actors, and the division of labor between actors acquiring credentials and those conducting exploitation and monetization
  • Evolution:How credentials are changing, from username password to cookies, secret questions, API keys, and cryptographic signatures

About the Author

Evelyn French

Evelyn French

Senior Analyst I, Tactical Monitoring, Flashpoint

Evelyn French is currently a Senior Analyst at Flashpoint, where she focuses on tactical threat monitoring. Prior to joining Flashpoint, she was a Cryptologic Warfare Officer for the US Navy and received her Master of Engineering in Cyber Security from the University of Maryland.

Ian Gray

Ian Gray

Director of Intelligence, Americas, Flashpoint

Ian Gray is the Director of Intelligence at Flashpoint, where he focuses on producing strategic and business risk intelligence reports on emerging cybercrime and hacktivist threats. Prior to joining Flashpoint, Gray was a Surface Warfare Officer for the US Navy. He holds a bachelor's degree in Middle Eastern Studies from Fordham University and a Master of International Affairs degree from Columbia University.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.