November 10, 2023

Account takeover attacks: Why your business should care

According to a recent survey by online security company Norton LifeLock, South Africa has the third-highest number of cybercrime victims, costing the country over R2.2 billion in losses each year. Cybercrime is on the rise and South African companies are not immune. The advancement of technology also creates a rise in cybercrime, and businesses must be wary of account takeover attacks.

Account takeover attacks are a type of cyber threat in which a criminal gains access to a user's account and uses it to commit fraud or perform other malicious activities. Account takeover attacks can be extremely effective and their methods are always changing. These attacks are motivated by a variety of factors, including financial gain, identity theft, espionage and extortion.

Techniques used in account takeover attacks

To gain access to user accounts, criminals use a variety of methods, including brute force attacks, social engineering, phishing, malware and API attacks. Brute force attacks involve guessing login credentials through trial and error, whereas social engineering attacks work by tricking a user into disclosing their login credentials by posing as someone legitimate.

Malware attacks require the installation of malicious software on a user's device, which then steals login credentials. These include spyware and various other viruses and software to gain access to employee accounts. Finally, API attacks target vulnerabilities in business application programming interfaces.

These techniques are the most common ways for attackers to gain possession of an employee’s credentials and IT account. From here, the criminals can gain access to sensitive information, valuable data, the company’s intellectual property and financial records.

How to detect an account takeover attack

Account takeover attacks must be detected early in order to be prevented. Receiving notifications of changes in account credentials, unusual activities such as new devices connecting to the IT network, or multiple accounts on the same device are all indicators of an account takeover attack.

Businesses must keep accurate records of their assets and be on the lookout for any suspicious activity. All employees should undergo user awareness training on a regular basis to keep cyber security at the top of their minds. This is a necessary investment that could save a company millions of rands in the long run.

Humans are the first line of defence when it comes to these types of threats. If an employee notices anything unusual, they should contact their IT administrator or chief information security officer (CISO) immediately.

Preventing account takeover attacks

Cyber security software and programmes are effective methods to detect and mitigate these attacks, but employees are often the first point of contact and the weakest links in the security chain. Enterprises should work alongside reputable cyber security providers to ensure that their IT systems are adequately protected and always up-to-date.

Account takeover attacks can be extremely damaging to businesses and employees. Customers can lose trust in companies, causing severe reputational damage and revenue loss when security incidents occur. Employee account hacking can result in the loss of sensitive data, intellectual property and significant financial losses. These attacks may also result in legal liability and financial penalties.

Businesses must work together to keep their employees and IT systems safe from account takeover attacks. They must invest in cyber security measures, such as multi-factor authentication, intrusion detection systems and software updates on a regular basis. They must also provide regular cyber security awareness training to their employees in order to educate them on cybersecurity risks and safe digital practices.

A reputable cyber security provider, such as SEACOM, can provide the necessary security systems and expertise to protect large enterprises from account takeover attacks. SEACOM’s cyber security expertise can assist South African businesses in protecting their employees and assets from the damaging effects of account takeover attacks.

Enterprises must remain vigilant and take proactive steps to prevent these attacks. With the help of a reputable cyber security provider, companies can take a proactive approach to account takeover attacks. For more information about our cyber security offerings or to get a quote, email us at or leave us a message.

SEACOM owns Africa’s most extensive network of information and communications technology (ICT) infrastructure, including subsea cables and secure internet connections. We offer a diverse range of flexible, scalable and high-quality solutions for businesses that meet world-class standards for connectivity.

SEACOM is privately owned and operated, making it agile and adaptable to the needs of the customer. This makes us the preferred ICT and internet connectivity partner for African businesses and peripheral service providers. We can guarantee high-speed, low-latency and secure internet connections to corporates and small enterprises.

For‌ ‌more‌ ‌information‌ ‌on‌ our internet and voice solutions, ‌follow‌ ‌us‌ ‌on‌ ‌‌LinkedIn‌,‌ ‌‌Facebook‌ ‌or‌ ‌‌Twitter.‌ ‌Keep‌ ‌an‌ ‌eye‌ ‌on‌ ‌our‌ ‌‌news‌ ‌section‌‌ ‌for‌ ‌insightful‌ ‌articles‌ and relevant news stories on African ICT, internet connectivity and our leading cloud and security solutions.