Account takeover refers to the takeover of an existing customer account by a fraudster using phishing, malware or data theft. The aim of such an account takeover is usually to misuse the customer account for transactions. For example, the fraudster changes individual data such as the e-mail and delivery address, places orders via the account and thus receives goods without ever having to pay for them.
Often, such account takeovers remain undetected for quite a long time; especially if the fraudster has changed the email address and the “good” customer does not receive an order confirmation. However, if the fraud is discovered, you as an online merchant must reimburse your customer for the damage incurred. Of course, without getting the goods back.
In the prevention of these cases, customer profiles and the analysis of user behavior are particularly important. Find out how you can protect yourself from account takeover: https://riskident.com/en/whats-fraud/