eBook: 4 Tactics Cyberattackers are Starting to Employ in Account Take Over Attacks
Account Takeover Demo 2 - Attackers Appear Local to Avoid Detection
VP of Marketing
One way attackers improve the overall success of their account takeover attacks is to use local IP addresses. This enables them to blend into normal traffic and circumvent traditional geo blacklisting defenses. Here, you see a single attacker using 907 IP addresses, from 21 Internet Service Providers, located in two countries. Ultimately, they targeted more than 36,000 users, completing over 660,000 login attempts, which would have resulted in over 1056 valid credentials had Castle not been protecting the site. Luckily, Castle was there, and the attacker was prevented from using those credentials to login and steal sensitive data, transfer money, or disrupt services.