Shining a Light Into the Dark Web

WEBINAR

Shining a Light Intothe Dark Web

How Stolen Data is Used to Commit Fraud

Access to loyalty and travel accounts are hot commodities on the criminal underground. But so are packages of consumers’ PII that are used to create new accounts and construct synthetic identities. During this session, we share the latest trends from criminal marketplaces and explain how stolen data makes its way from small circles of bad actors to the dark web – plus how to identify legitimate consumers interacting with your site vs. criminals leveraging stolen data.

Here’s what you’ll learn:

  • Dark web listings for loyalty and travel accounts: how much are they going for and how is that data being used?
  • The scale of leaked consumer PII that aids criminals committing fraud.
  • How and why malware – in particular malware-siphoned web session cookies – presents the riskiest threat for fraud teams right now.
  • Why recaptured darknet data is being used by fraud prevention teams to level the playing field.

Hosted by About-Fraud

View the Webinar on-demand

A few of our happy customers:

About SpyCloud

SpyCloud transforms recaptured darknet data to protect businesses from cyberattacks. Our products operationalize Cybercrime Analytics (C2A) to produce actionable insights that allow enterprises to proactively prevent ransomware and account takeover, protect their business from consumer fraud losses, and investigate cybercrime incidents. Our customers include half of the ten largest global enterprises, mid-size companies, and government agencies around the world. Headquartered in Austin, TX, SpyCloud is home to nearly 200 cybersecurity experts whose mission is to make the internet a safer place.
stat-blocks-stacked

Check Your Exposure

See your real-time account takeover exposure details powered by SpyCloud data.

Mind the Gap: Closing Ransomware Risk Visibility Gaps

WEBINAR

Mind the Gap: Closing Ransomware Risk Visibility Gaps

Our annual survey of security leaders and practitioners revealed that 90% of organizations were affected by ransomware over the past 12 months, despite 86% of enterprise customers increasing security budgets to fight it.

This indicates that security teams have very little confidence in their defenses. Where are the gaps in ransomware defense and how can you proactively address them? Turns out, the riskiest ransomware entry points are ones that security teams lack visibility into – including malware on unmanaged devices accessing the network, compromised third-party applications, and stolen cookies used for session hijacking of SSO instances.

Devices infected with malware, for example, create one of the biggest exposures to ransomware, and without visibility into those devices and into the resulting accounts compromised through malware-siphoned data, organizations don’t have the complete picture of their risk.

We break down the critical findings from our 2022 Ransomware Defense Report so you can:

  • Benchmark your security posture against organizations like yours
  • Pinpoint gaps in your defenses
  • Discover proactive strategies to solve ransomware defense blindspots
  • Hear first-hand insights on the fight against criminal malware rings from a former Special Agent and member of the FBI Cyber Task Force
View the webinar on-demand

A few of our happy customers:

The SpyCloud Difference

Stolen credentials – obtained through breaches and malware-infected devices – are a criminal’s all-access pass to your systems. So take them out of the equation. SpyCloud offers early detection and continuous visibility of exposed credentials and negates this threat vector immediately. The effort and cost of recovery from ransomware (not to mention the negative press attention) far outweigh the effort and cost associated with proactive prevention.

SpyCloud acts as a ransomware “early warning system” for hundreds of global enterprises, including half of the Fortune 10.

stat-blocks-stacked

Check Your Exposure

See your real-time account takeover exposure details powered by SpyCloud data.

Consumer or Fraudster: Balancing Fraud Losses and the Customer Experience

WEBINAR

Consumer or Fraudster: Balancing Fraud Losses and the Customer Experience

Person at laptop

As consumers, we rely on our digital identities more than ever. Our online behavior (like reusing passwords and downloading malicious attachments) puts us at risk of fraud, but things outside our control – including data breaches that expose our personal information – do the same. Fraudsters are the beneficiaries of our leaked personal data, exploring all avenues to impersonate us for their gain. 

As cybercriminals become more sophisticated with their tactics, enterprises with even the most robust fraud prevention programs will continue to have difficulty distinguishing legitimate consumers from cybercriminals.

So is your user a consumer or fraudster? A lack of confidence in the answer puts your bottom line in harm’s way, as synthetic identities, account takeover, and online fraud jeopardize your enterprise.

In this webinar, experts from SpyCloud & Aite-Novarica have a candid conversation about the latest trends in fraud and what organizations can do to protect themselves while balancing losses and the customer experience:

  • Direct insights into the latest fraud tactics and avenues
  • The scale and impact of leaked consumer PII that aids new account fraud and synthetic identity construction
  • Real-life examples from the front lines in the fight against fraud
  • Best practices on how organizations can level the playing field with fraudsters
  • Proactive approaches for negating rising fraud trends

View the Webinar

Presenter Information

Trace Fooshee, Aite-Novarica

Trace Fooshée, Strategic Advisor in Aite-Novarica’s Fraud & AML Practice

Trace Fooshée is a senior advisor in Aite-Novarica Group’s Fraud & AML practice, covering a variety of topics related to fraud and identity since April of 2019. Mr. Fooshée’s background includes more than four years of experience as a management consultant for EY and Deloitte and more than 11 years with SunTrust Bank where he served in a variety of roles but most recently as Head of Fraud Strategy.

Pattie Dillon – Anti-Fraud Product Manager, SpyCloud

Pattie Dillon’s passion for fraud prevention and risk mitigation began in 2002 at her firm Etalinc, LLC, where she pioneered the development and creation of a privacy-oriented online IDresponse age verification and identity verification SaaS platform. Her previous roles as President of Veratad Technologies and Director at Wolfe had her focused on reducing fraud and compliance risk and combating gift card fraud. These roles led her to work with Merchants and Law Enforcement to track criminal activity. Now at SpyCloud, Pattie is the Anti-Fraud Product Manager. Her focus is developing creative and innovative ways to fight fraud with SpyCloud’s leading-edge products and networking with others in an effort to build a safer internet through collaboration and knowledge sharing.

Pete Barker, SpyCloud

Pete Barker – Director of Fraud and Identity, SpyCloud

Pete has spent over 25 years in the fraud and investigations space most recently as the Director of Fraud and Identity for SpyCloud. Prior to SpyCloud, Pete held the position of Senior Manager of Digital Loss Prevention at Dick’s Sporting Goods where he put the ecommerce fraud department on the map when he and his team won the 2018 North American Fraud Awards. He has spoken at several MRC events either in person or virtually. He has a proven track record of achieving goals, implementing and managing strategies that drive profitability, lower costs and prevent fraud.

A few of our happy customers:

The SpyCloud Difference

SpyCloud solutions are backed by the world’s most current and comprehensive repository of recaptured data from breaches, malware-infected devices, and other underground sources – with billions of exposed credentials and PII. It’s the same data that fraudsters use, but we make it actionable to prevent account takeover, ransomware attacks, and online fraud.

Our goal is to help organizations to protect themselves from criminal activity and disrupt criminals’ ability to profit from stolen data.

stat-blocks-stacked

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

Combating Fraud from Stolen Cookies: Introducing SpyCloud Session Identity Protection

WEBINAR

Combating Fraud from Stolen Cookies

Introducing SpyCloud Session Identity Protection

Malware stealer logs showing the variety of information that can be siphoned from malware-infected devices.

Threat actors using stolen credentials often face the challenge of bypassing multi-factor authentication (MFA), device ID checks, and browser fingerprinting anti-fraud technologies. But in recent years, criminals have learned how to bypass these protections by relying on “anti-detect” browsers that can emulate a legitimate user’s trusted device and browser fingerprint. These tools are powered by a constant stream of malware infections that steal credentials, session cookies and other browser data – all available for sale on the criminal marketplaces.

We’re excited to introduce a new solution that expands our ability to help enterprises prevent fraud tied to malware: SpyCloud Session Identity Protection. It offers early warning of malware-infected consumers whose compromised web session cookies appear in botnet logs recaptured by SpyCloud, and are therefore at extreme risk of costly, difficult-to-detect fraud.

This webinar explains how:

  • Anti-detect browsers + malware data enable criminals to bypass existing fraud controls
  • Our new product flags consumers infected with malware sometimes well before their credentials on your site are even stolen
  • Early Session Identity Protection customers are reacting to SpyCloud’s alerts of their consumers’ compromised cookies

View the Webinar

A few of our happy customers:

The SpyCloud Difference

SpyCloud solutions are backed by the world’s most current and comprehensive repository of recaptured data from breaches, malware-infected devices, and other underground sources – with billions of exposed credentials and PII. It’s the same data that fraudsters use, but we make it actionable to prevent account takeover, ransomware attacks, and online fraud.

Our goal is to help organizations to protect themselves from criminal activity and disrupt criminals’ ability to profit from stolen data.

stat-blocks-stacked

Check Your Exposure

See your real-time account takeover exposure details powered by SpyCloud data.

The Fraudacity of Cybercriminals: How 15.5B Recaptured Data Assets Shine a Light on the Criminal Underground

WEBINAR

The Fraudacity of Cybercriminals

How 15.5B Recaptured Data Assets Shine a Light on the Criminal Underground

Criminal at computer lit by a flashlight, showing logging into another user's account

With the continued increase of individuals working, shopping, and socializing from home, we relied on digital identities more than ever in 2021. And more of that data became available to fraudsters as a result of increased breaches and malware campaigns last year.

Each year, SpyCloud summarizes the trends our team observes while recapturing data at scale from the criminal underground. In 2021, we recovered more than 15 billion assets including credentials and PII from data breaches, malware-infected device logs, and other covert sources.

The bad news: password reuse has only increased, and inexpensive malware tools have facilitated mass device infections – putting a ton of sensitive data in the hands of criminals. The good news: companies can use this recaptured data to proactively fight back and protect both their employees and consumers.

In this on-demand webinar, SpyCloud’s Vice President of Product Management, Chip Witt, breaks down our observations, including:

  • The scale of data that was stolen & circulated in 2021
  • What recaptured data reveals about online behavior and its impact on your employees and consumers
  • Why the password reuse rate is on the rise – but how it’s just one factor in elevated identity exposure
  • How data breaches and malware fuel account takeover, ransomware, and online fraud
  • Best practices to reduce fraud and improve cyber hygiene for individuals and companies

View the Webinar

The Fraudacity of Cybercriminals: How 15.5B Recaptured Data Assets Shine a Light on the Criminal Underground

A few of our happy customers:

The SpyCloud Difference

SpyCloud solutions are backed by the world’s most current and comprehensive repository of recaptured data from breaches, malware-infected devices, and other underground sources – with billions of exposed credentials and PII. It’s the same data that fraudsters use, but we make it actionable to prevent account takeover, ransomware attacks, and online fraud.

Our goal is to help organizations to protect themselves from criminal activity and disrupt criminals’ ability to profit from stolen data.

stat-blocks-stacked

Check Your Exposure

See your real-time account takeover exposure details powered by SpyCloud data.

Real or Synthetic? Introducing SpyCloud Identity Risk Engine

WEBINAR

Real or Synthetic? Introducing SpyCloud Identity Risk Engine

SpyCloud Identity Risk Engine - High Risk User

The surge in online activity in recent years has led to a corresponding explosion in online fraud, leaving even enterprises with strong fraud prevention programs struggling to confidently distinguish real consumers from cybercriminals. Until now, no existing anti-fraud solution on the market could provide visibility into the risk posed by the recency, severity, and scope of an individual user’s identity exposures on the criminal underground.

We’re excited to introduce SpyCloud Identity Risk Engine (SIDRETM), a new anti-fraud solution that leverages our robust database of recaptured breach and malware-stolen data to help detect the risk of account takeover, identity fraud, and new account fraud. We protect organizations in real-time by correlating risk indicators to distinguish high risk from low risk consumers, allowing enterprises to tailor the customer journey appropriately and reduce fraud losses without adding friction.

In this webinar, SpyCloud’s Anti-Fraud Solutions Product Manager, Pattie Dillon, and Director of Fraud & Identity, Pete Barker, introduce SpyCloud’s newest offering, including a detailed look at how we’re turning recaptured data into a clear fraud signal that can improve the accuracy of fraud decisioning at scale.

Learn how Identity Risk Engine can complement your existing fraud control framework to help you:

  • Predict Fraud Tied to Malware: Identify consumers whose data has been harvested by malware, including browser fingerprints that enable criminals to impersonate them
  • Anticipate Account Takeover: Determine which customers are at highest risk of account takeover due to exposed credentials, bad password hygiene, and other key risk indicators
  • Detect Synthetic Identities: Detect anomalies within a customer’s information indicating that the identity is fake, stolen, or constructed using sensitive data available on the criminal underground

View the Webinar

A few of our happy customers:

The SpyCloud Difference

SpyCloud solutions are backed by the world’s most current and comprehensive repository of recaptured data from breaches, malware-infected devices, and other underground sources – with billions of exposed credentials and PII. It’s the same data that fraudsters use, but we make it actionable to prevent account takeover, ransomware attacks, and online fraud.

Our goal is to help organizations to protect themselves from criminal activity and disrupt criminals’ ability to profit from stolen data.

stat-blocks-stacked

Check Your Exposure

See your real-time account takeover exposure details powered by SpyCloud data.

All Criminals Want for the Holidays is You(r Data): An Inside Look at How Cybercriminals Profit Off the Holiday Season

WEBINAR

All Criminals Want for the Holidays is You(r Data)

An Inside Look at How Cybercriminals Profit Off the Holiday Season

Retailers aren’t the only ones gearing up for the holiday rush — cybercriminals are waiting to get in on the action. The days leading up to and inclusive of Black Friday and Cyber Monday have continuously shown spikes in cybercriminal activity with increases in stolen accounts, gift cards, and other fraudulent purchases and transactions.

But cybercriminals are doing more than gaining access to consumer accounts and making fraudulent transactions. They’re also infecting systems with malware and reselling the logs, creating new avenues for cybercrime.

In this on-demand webinar, SpyCloud researchers share an inside look at the shopping trends they uncovered while monitoring popular cybercriminal communities during the 2021 holiday season and what this means for enterprises who must protect their consumers – and their bottom lines.

Watch the webinar to learn:

  • What gift cards, credentials and other access criminals are buying on the dark web, including price and transaction volume
  • How 2021 trends compare to those of years past
  • How criminals are leveraging malware to impersonate legitimate consumer and evade fraud prevention measures 
  • What enterprises can do to protect themselves and their consumers from account takeover and other follow-on attacks

View the Webinar

All Criminals Want for the Holidays is You(r Data)

A few of our happy customers:

The SpyCloud Difference

SpyCloud offers the earliest possible detection of potentially compromised accounts – those using credentials that have appeared in a third-party breach or are for sale on the dark web and are therefore at risk of account takeover. And we automate the remediation of exposed passwords, enabling enterprises to lock down accounts quickly, before damage is done.

Our goal is to help organizations to protect themselves from criminal activity and disrupt criminals’ ability to profit from stolen data.

stat-blocks-stacked

Check Your Exposure

See your real-time account takeover exposure details powered by SpyCloud data.

The Ransomware/Stolen Credentials Connection

WEBINAR

The Ransomware/Stolen Credentials Connection

ransomware-stolen-credentials-webinar

Ransomware attacks are on the rise, and no industry or company is off-limits. For criminals, it’s a short and clear path from obtaining a stolen account credential to penetrating a network and demanding millions in ransom. For victims, the result is massive business disruption, negative press, brand damage, and an expensive, time-consuming remediation process.

But ransomware only works if cybercriminals have access to your network. The majority of these attacks stem from stolen credentials, and taking back control starts with proactive measures to negate their value.

In this on-demand webinar, we break down the ransomware ecosystem, adversary groups’ latest tactics, and strategies to mitigate your risk and avoid paying millions to ransomware gangs.

You’ll learn:

  • How ransomware operators select their targets and work with other players in the ecosystem to efficiently exploit vulnerabilities
  • Common entry points to corporate networks and the order of operations for attacks, including where stolen credentials come into play
  • Necessary proactive defenses that reduce the risk of attacks while negating bad habits like password reuse

There’s no room for error when it comes to ransomware. This webinar demystifies these insidious attacks and shows you how to reduce your exposure.

Want more info? Check out our blog:
One for the Money, Two for the Show, $4.4M for the Ransomware Gang That Used AT0

With recovery costs averaging $1.85M, we took a deeper look at the crisis-level ransomware threat by analyzing some recent attacks that originated from stolen credentials.

Read more

View the Webinar

The Ransomware/Stolen Credentials Connection

Presenter Info

CW Walker – Manager, Solutions Architects

CW Walker started his career in government as a threat intelligence analyst. His passion is understanding the stories that can be told through collection and analysis of interesting data. He has lead teams of solutions engineers at multiple threat intelligence companies and currently supports SpyCloud’s technical GTM efforts.

A few of our happy customers:

The SpyCloud Difference

Stolen credentials – obtained through breaches and malware-infected devices – are a criminal’s all-access pass to your systems. So take them out of the equation. SpyCloud offers early detection and continuous visibility of exposed credentials and negates this threat vector immediately. The effort and cost of recovery from ransomware (not to mention the negative press attention) far outweigh the effort and cost associated with proactive prevention.

SpyCloud acts as a ransomware “early warning system” for hundreds of global enterprises, including half of the Fortune 10.

Laptop with SpyCloud

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

Another [1.5] Bites the Dust: Key Learnings from 1.5B Stolen Credentials You Should Never Use Again

WEBINAR

Another [1.5] Bites the Dust: Key Learnings from 1.5B Stolen Credentials You Should Never Use Again

We all want to leave 2020 in the rearview mirror, but the effects will be with us for a long time. Our online behavior shifted dramatically, and we created a number of new accounts to manage our lives in a new reality. This vast growth in the attack surface didn’t go unnoticed in criminal circles, and the tactics they developed to perpetrate breaches and account takeover set the stage for what we’re already starting to see in 2021.

In this on-demand webinar, we break down the trends our researchers observed within cybercriminal communities over the last 12 months, including:

  • The scale of data that was stolen & circulated in 2020
  • What the data reveals about device sharing and the fuzzy boundaries between work and personal device usage
  • The top 100 reused passwords (that you should immediately add to your ‘banned password lists’!)
  • Why and how other companies’ data breaches become your company’s problem
  • Security repercussions of the sudden shift to remote working, learning, socializing, and shopping
2021 Annual Credential Exposure Report

Our 2021 report revealed that password reuse continues to be a serious problem, leaving enterprises and their customers vulnerable to account takeover.

Download the Report

Credential Exposure Alerts

Watch the Webinar

Another [1.5] Bites the Dust: Key Learnings from 1.5B Stolen Credentials You Should Never Use Again

Presenter Info

Chip Witt, Vice President of Product Management

Chip Witt has nearly twenty years of diverse technology experience, including product management and operations leadership roles at Hewlett Packard Enterprise, Webroot, VMware, Alcatel, and Appthority. Chip works closely with field intelligence teams specializing in OSINT and HUMINT tradecraft, actor attribution and underground monitoring.

A few of our happy customers:

The SpyCloud Difference

SpyCloud offers the earliest possible detection of potentially compromised accounts – those using credentials that have appeared in a third-party breach or are for sale on the dark web and are therefore at risk of account takeover. And we automate the remediation of exposed passwords, enabling enterprises to lock down accounts quickly, before damage is done. 

Our goal is to help organizations to protect themselves from criminal activity and disrupt criminals’ ability to profit from stolen data.

stat-blocks-stacked

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

Everyone is a Target: The State of Account Takeover in the Telecommunications Industry

WEBINAR

Everyone is a Target: The State of Account Takeover in the Telecommunications Industry

targeted account takeover

For every telecom company in the Fortune 1000, there are 552,601 plaintext passwords of employees in the hands of criminals. The telecom industry is up against a wall: there is seemingly unlimited data from both employees and subscribers in the hands of criminals to exploit for profit.

It’s time to stop giving criminals easy targets due to poor password hygiene and common security habits that put individuals and organizations at risk.

In this half-hour webinar, we dive into:

  • The underestimated and misunderstood methods cybercriminals are using to take over accounts
  • The latest stolen credential statistics specific to the industry that underscore the scope of the problem
  • Recommendations for mitigating risk
Solution: Account Takeover Prevention

Protect your users from account takeover fraud.

Learn More

Zero Trust

Watch the Webinar

Everyone is a Target: The State of Account Takeover in the Telecommunications Industry

Presenter Info

Bob Lyle, SVP, Vertical Markets

With a background in the device security and IP licensing spaces, he leads SpyCloud’s efforts to engage with key market verticals, including telecommunications and e-commerce, to best serve enterprises and consumers globally and protect them from account takeover (ATO). In parallel, Bob is also the Chair of GSMA’s Device Security Group (DSG), which advises mobile network operators, mobile device OEMs, and mobile ISVs on device security, theft, malware and spyware protections and assists with industry recommendations and standards around device security matters.

Bob Lyle - SpyCloud

The SpyCloud Difference

SpyCloud offers the earliest possible detection of potentially compromised accounts – those using credentials that have appeared in a third-party breach or are for sale on the dark web and are therefore at risk of account takeover. And we automate the remediation of exposed passwords, enabling enterprises to lock down accounts quickly, before damage is done. 

Our goal is to help organizations to protect themselves from criminal activity and disrupt criminals’ ability to profit from stolen data.

stat-blocks-stacked

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.