Report
2022 Fortune 1000 Identity Exposure Report
Our annual analysis of data tied to Fortune 1000 companies includes insights on credential exposure, password reuse rates, and the impact of malware-infected employees and consumers.
Webinar
Consumer or Fraudster: Balancing Fraud Losses and the Customer Experience
Experts from Aite-Novarica and SpyCloud discuss the latest trends in fraud and what organizations can do to protect themselves while balancing losses and the customer experience.
Report
2022 Report: Identity Exposure of London’s FTSE 100
Our annual analysis of exposed credentials and PII tied to London’s FTSE 100 employees uncovered insights about password reuse and malware-infected devices that put these organisations and the companies that rely on them at risk.
Webinar
Combating Fraud from Stolen Cookies: Introducing SpyCloud Session Identity Protection
On-Demand Webinar: A detailed look at how anti-detect browsers + malware-stolen data put consumers at risk of fraud, and how Session Identity Protection helps protect your bottom line by offering early warning of malware-infected consumers with compromised web session cookies.
Report
2022 Annual Identity Exposure Report
Our annual reports analyzes the 15.5 billion assets we recaptured from the criminal underground last year, and how enterprises can use this information to protect themselves from ATO, malware, and ransomware, and protect their consumers from online fraud.
Webinar
The Fraudacity of Cybercriminals: How 15.5B Recaptured Data Assets Shine a Light on the Criminal Underground
On-Demand Webinar: Analysis of the 15+ billion assets we recaptured in 2021 and what we can learn from patterns we’ve observed in the criminal underground over the last 12 months.
Webinar
Real or Synthetic? Introducing SpyCloud Identity Risk Engine
On-Demand Webinar: A detailed look at how Identity Risk Engine turns recaptured data into a clear fraud signal that complements your existing control framework.
Whitepaper
Reducing Identity Fraud in Ecommerce
How can merchants best balance the customer experience and fraud prevention? Our report offers a new approach for merchants to differentiate between low- and high-risk customers.
Whitepaper
Reducing Identity Fraud While Improving the Digital Customer Experience in Financial Services
FIs must must strike a balance between prevention controls and fraud mitigation while ensuring a quality customer experience. Our report delves into a new framework for understanding the risk that each individual consumer presents at key points in their journey.
Webinar
All Criminals Want for the Holidays is You(r Data): An Inside Look at How Cybercriminals Profit Off the Holiday Season
On-Demand Webinar: SpyCloud researchers share an inside look at 2021 holiday shopping trends on popular cybercriminal communities, including botnet logs for sale that allow bad actors to impersonate your consumers.
Report
2021 Ransomware Defense Report
Our report breaks down the frequency of ransomware attacks on organizations of all sizes, insights on ransomware preparedness measures, and details on the criminal economy that’s fueling ransomware right now.
Whitepaper
Identity Theft 101
SpyCloud and the Communications Fraud Control Association (CFCA) created this consumer education document to help you understand what identity theft is & how to prevent it.
Report
U.S. Government Credential Exposure Report
The prevalence of password reuse and loose credential security protocols are gifts to cybercriminals that expose the U.S. to significant risks.
Whitepaper
Business Email Compromise 101
As stolen credentials have become more accessible on the dark web, so has the ability to compromise legitimate business email accounts to commit fraud.
Webinar
The Ransomware/Stolen Credentials Connection
On-Demand Webinar: We break down the ransomware ecosystem, adversary groups’ latest tactics, and strategies to mitigate your risk and avoid paying millions to ransomware gangs.
Whitepaper
Passwords are Dead; Long Live Passwords: The Fate of Passwords in the Digital Age
Examining the state of password security today and the challenges facing passwordless solutions, this SpyCloud report offers clear guidance on protecting your user accounts without having to reinvent the wheel.
Whitepaper
Telecommunications Industry Credential Exposure: 2021 Special Report
Every industry is vulnerable to cybercrime, but perhaps none more so than Telecommunications. Find out why, see the extent of exposed data, and discover specific ways to shore up your defenses.
Whitepaper
MFA Bypass 101
Understand how hackers combine attack methods and stolen credentials to sidestep multi-factor authentication.
Whitepaper
Credential Stuffing 101
We tap our expertise in helping organizations recover exposed credentials to help you understand the anatomy of credential stuffing attacks, why they persist, and what you can do to prevent them.
Webinar
Another [1.5] Bites the Dust: Key Learnings from 1.5B Stolen Credentials You Should Never Use Again
On-Demand Webinar: We break down the trends our researchers observed within cybercriminal communities over the last 12 months, including the breached data cybercriminals have been stealing and sharing, and how your cybersecurity plans should adjust as a result.
Webinar
Everyone is a Target: The State of Account Takeover in the Telecommunications Industry
See the latest stolen credential statistics specific to telcos and get recommendations for mitigating risk. Presented by Bob Lyle, SpyCloud’s expert on telecommunications ATO fraud.
Whitepaper
Understanding the SolarWinds Supply Chain Attack
The SolarWinds supply chain compromise will have repercussions for years to come. Using witness testimony from the February 23, 2021 Senate Select Committee on Intelligence hearing, we broke down the timeline of the attack and examined how SpyCloud could have helped at each stage.
Report
2021 Annual Credential Exposure Report
Over the last 12 months, SpyCloud has recovered 1.5 billion credentials from 854 breach sources. Find out the trends our researchers have observed, including exposed .gov credentials and pandemic-themed keywords in users’ passwords.
Report
2021 Report: Breach Exposure of London’s FTSE 100
SpyCloud found over 39 million breach assets tied to FTSE 100 & subsidiary companies on the criminal underground. What else did we discover and how does your industry stack up?
Report
2021 Report: Breach Exposure of the Fortune 1000
Find out what SpyCloud learned by analyzing millions of data breach records and botnet logs tied to employees of Fortune 1000 enterprises.
Report
2021 Remote Workforce Security Report
Learn how your peers are tackling the top threat vectors facing remote workers, including phishing, malware, and account takeover.
Whitepaper
Account Takeover 101
You can’t stop ATO until you understand it. Get this plain-English primer on the latest attack methods, bad habits that increase ATO risk, and strategies for prevention.
Whitepaper
Credential-Stealing Malware: Remediation Guide for Government Security Teams
Download our guide to learn what swift actions government agencies can take to prevent employees’ and consumers’ data from being siphoned by keylogger malware.
Webinar
How the Holidays Affect Dark Web Cybercriminal Activity
The activity we saw on criminal marketplaces during the 2020 holiday shopping season surprised us – huge spikes in the sales of crimeware tools and stolen credentials for particular restaurants, airlines and other consumer services accounts. Get the details in this on-demand webinar.
Whitepaper
Infected User Response Guide
Handy guide to decipher what it means when employee or consumer information appears on a botnet log, and how to contact infected users with an action plan.
Whitepaper
CISO’s Guide to Surviving a Data Breach
Get advice from CISOs who have been through worst-case scenarios: breaches that exposed customer data. Their experience will help you better prepare your own breach prevention and response plans.
Case Study
Fortune 100 Financial Services Company
This Fortune 100 financial services company protects millions of financial services consumers from account takeover fraud with SpyCloud, while also enriching their online fraud investigations with SpyCloud data.
Case Study
Alvarez & Marsal
Alvarez & Marsal uses SpyCloud Active Directory Guardian to monitor the credentials of over 6,000 employees across all 54 of the company’s global offices, as well as service providers enrolled in their Active Directory.
Report
SpyCloud Named 2020 Gartner Cool Vendor in Identity Access Management and Fraud Detection
See Gartner’s analysis of the IAM & Fraud Detection market and why SpyCloud received the Cool Vendor recognition.
Case Study
Global Fintech Company
With SpyCloud, this global fintech platform has been able to automate consumer account takeover prevention at scale, protect thousands of users infected with credential-stealing botnets, and enrich their predictive models and investigations.
Webinar
Surviving a Data Breach – On-Demand
Security leaders who have been through worst-case scenarios offer real-world advice for stronger breach prevention & response. Get the audio file or watch the panel webinar on-demand.
Webinar
Securing Consumers’ Identity – FinTech Webinar
We explore securing consumer identity against evolving criminal behavior & technology and share how one fintech platform is using breach data to inform their fraud algorithms in 4 innovative ways.
Webinar
How Credential Stuffing Tools Are Made
Learn how credential stuffing works and get insights into the tools of the trade (including some very sophisticated custom Nintendo crimeware). Discover why stolen accounts that don’t have obvious monetary value can be profitable for cybercriminals.
Webinar
I Put a Keylogger On You, and Now You’re Mine: What Cybercriminals See When They Infect a Host with Malware
See malware from the criminal perspective, including how the data collected from infected machines gets monetized. Learn how to shield your organization from the damage caused by credential-stealing malware.
Whitepaper
Best Practices for Notifying Consumers of a Third-Party Data Breach
When your consumers’ passwords appear in a third-party breach, the language you use to notify them that their passwords must be reset requires careful consideration.
Report
Dataset: COVID-19 Themed Domains
To demonstrate how to complete a low-cost analysis using open-source threat intelligence data, we have compiled and shared a dataset of over 136,000 domains with COVID-19 themes.
Webinar
Targeted Attacks: How Sophisticated Criminals Bypass Enterprise Security Measures
If your account takeover prevention program primarily focuses on automated credential stuffing attacks, you may be leaving your organization exposed to serious losses. Learn more in this webinar we hosted with ISMG.
Case Study
Global Managed Services Provider
SpyCloud enabled a global managed services provider to expand the value of their offering by adding credential monitoring services and increasing the quality of their threat intelligence reports—all without hiring additional staff.
Report
2020 Report: Breach Exposure of the Fortune 1000
Our extensive 2020 report examines the breach exposure of Fortune 1000 enterprises.
Whitepaper
Targeted vs. Automated Account Takeover Attacks
Account takeover can be highly-targeted, sophisticated, and manual, or it can be high-volume and automated. Learn how to protect your enterprise from both types of ATO.
Report
2020 Annual Credential Exposure Report
Our 2020 report shows that password reuse continues to be a serious problem, leaving enterprises and their customers vulnerable to account takeover.
Webinar
Fortune 1000 Breach Exposure: What We Can Learn
SpyCloud has analyzed breach data tied to Fortune 1000 employee credentials to understand trends in password reuse and data exposure. See what it means for the organizations that work with them.
Case Study
A Large US University
With few resources to dedicate to account takeover prevention, this large US university was settling for a mediocre security solution that required too much manual effort.
Case Study
Oklahoma University
With few internal resources or sufficient tools to identify and remediate exposed student, faculty and staff email accounts, OU was at constant risk for accounts being compromised.
Case Study
Global Networking Company
Discovering exposed user credentials across the global networking company’s many domains proved to be challenging using old, redundant, and undecrypted password data from an incomplete solution.
Case Study
Top 10 Travel Booking Site
Preventing account takeover begins with monitoring the dark web, but without the ability to match user accounts with a database of exposed credentials, a top 10 travel booking site was vulnerable to attack.
Case Study
Automattic
Password reuse is a constant issue that often leads to account takeovers, yet finding exposed credentials was a labor-intensive, manual task that didn’t capture every instance.
Whitepaper
Best Practices for Implementing NIST Password Guidelines
Aligning your enterprise’s password policy with the latest guidelines from NIST can help encourage better password habits and reduce the risk of account takeover.
Solution Brief
Simplify NIST Password Guidelines with SpyCloud Active Directory Guardian
Read this solution brief to understand the benefits of using SpyCloud to align with NIST password guidelines.
Whitepaper
GDPR & ATO Prevention Solutions
Everything you ever wanted to know about GDPR in (Relatively) plain english, along with information for companies evaluating SpyCloud.
Whitepaper
Understanding the Latest NIST Password Guidelines
Over the years, security professionals have learned surprising lessons about how password policies affect user behavior.
Case Study
Chemical Company
Preventing a security breach that impacts their customer data is a top priority, yet without credential exposure monitoring & reporting, this company was at constant risk.
Whitepaper
Considerations for Choosing an Account Takeover Security Solution
This CSO whitepaper provides a guide to the best practices for evaluating how well each approach works, including a checklist of topics to discuss with each vendor being evaluated.
Webinar
How the Holidays Affect Criminal Ecommerce
In this webinar, SpyCloud researchers discuss the trends they’ve tracked on criminal ecommerce sites, including fresh data on how Black Friday 2019 sales affected prices and sales volumes.
Report
Innovation on the Dark Web
This SpyCloud Research Report demystifies the markets selling everything from drugs and guns to stolen credentials.
Webinar
Hard Truths About ATO & Strategies To Defend Your Enterprise
Protecting your enterprise from breaches and account takeovers has never been a bigger challenge.
Report
2018 Annual Credential Exposure Report
Each year, our experts dig into the data from the previous year and break all the breaches down by the numbers.
Report
Understanding the Underground Market for Stolen Credentials
Download the SpyCloud White Paper to read our experts’ breakdown of how the underground market operates, how it is changing, and what can be done to protect you and your company.
Webinar
6 Myths About Account Takeover
Watch the 6 Myths About Account Takeovers webinar and learn which popular claims are oversold so you can make informed decisions about your own ATO prevention investment.
Whitepaper
The 6 Myths About Account Takeover
Download the ebook, 6 Myths about ATO Prevention Strategies to learn which of the most common techniques and technologies help and which provide false hope.
Webinar
How Easy Is It To Bypass Multi-Factor Authentication Solutions?
Enterprises are trying everything they can to prevent cyber criminals from taking over employee and customer accounts to gain access to data and systems.
Report
Download Our Report on Account Takeover
Because of widespread password reuse, Account Takeover (ATO) attacks have become an extremely lucrative business for cybercriminals.
Stop exposures from becoming account breaches.