Resources Types: Webinar

Securing Consumers’ Identity – FinTech Webinar

Webinar - SpyCloud for FinTech - Securing Consumer Identity

WEBINAR – FINTECH

Mind the Gap: The Future is Passwordless, But What About Securing Consumer Identity Today?

Webinar - SpyCloud for FinTech - Securing Consumer Identity

The dream: a passwordless future. The reality: the world operates on passwords now and for the foreseeable future. By and large, your customer base is using weak, reused or recycled passwords that put their personal data and financial information at risk.

With fintech services housing so much consumer data and being prime targets for cybercriminals, you are the protector of your customers’ identities in many ways. Yet despite your best efforts to implement strong IAM controls, even unsophisticated criminals armed with credentials pairs from third-party breaches can masquerade as legitimate users.

This webinar explores:

  • How criminal behavior and technology are evolving to outpace your security measures
  • What companies like yours are doing to secure customer accounts in the here and now
  • How one innovative fintech platform is using breach data in four unique ways

This session was hosted in conjunction with KNOW Identity.

Solution: Consumer Account Takeover Prevention

Protect your users from account takeover fraud and unauthorized purchases.

Learn More

Watch the Webinar:

Securing Consumer Identity Today

Presenters

Chip Witt, Vice President of Product Management

Chip Witt has nearly twenty years of diverse technology experience, including product management and operations leadership roles at Hewlett Packard Enterprise, Webroot, VMware, Alcatel, and Appthority. He is currently the VP of Product Management and oversees the Customer Success Program at SpyCloud. Chip works closely with field intelligence teams specializing in OSINT and HUMINT tradecraft, actor attribution and underground monitoring.

Pattie Dillon, Anti-Fraud Relationship Manager

Pattie Dillon’s passion for fraud prevention and risk mitigation begin in 2002 at her firm Etalinc, LLC, where she pioneered the development and creation of a privacy-oriented online IDresponse age verification and identity verification SaaS platform. Her previous roles as President of Veratad Technologies and Director at Wolfe had her focused on reducing fraud and compliance risk and combating gift card fraud. These roles led her to work with Merchants and Law Enforcement to track criminal activity. Now at SpyCloud, Pattie’s focus is developing creative and innovative ways to fight fraud with SpyCloud’s leading-edge products and networking with others in an effort to build a safer internet through collaboration and knowledge sharing.

A few of our happy customers:

Related Resources

Request a Demo

The SpyCloud Difference

Current, Relevant, Truly Actionable Data

SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.

Learn More About Our Data
SpyCloud human intelligence researchers have recovered billions of data breach assets, including stolen passwords and emails that can put enterprises at risk of account takeover

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

Check Your Exposure

How Credential Stuffing Tools Are Made

Credential Stuffing Webinar Screenshot

WEBINAR

How Credential Stuffing Tools Are Made

Credential Stuffing Webinar Screenshot

In early 2020, attackers compromised over 160,000 Nintendo accounts via credential stuffing. SpyCloud researchers discovered source code for one account checker tool that was custom-built to help criminals test stolen credentials against Nintendo logins, enabling attackers to access customer accounts and exploit saved payment methods to purchase in-game currency.

With so many people stuck at home, popular consumer services like Nintendo are facing high demand – from both legitimate customers and cybercriminals. Sophisticated crimeware makes it easy for criminals to target these types of organizations in credential stuffing attacks and defraud their customers. To protect consumers from account takeover, enterprises need to take proactive measures.

View this on-demand webinar to learn:

  • How credential stuffing works, from the lifecycle of stolen credentials to the crimeware attackers use to automate account takeover
  • Why stolen accounts that don’t have obvious monetary value can be profitable for cybercriminals
  • How credential stuffing and account takeover fit into the broader criminal economy
  • What your enterprise can do to combat both credential stuffing and more advanced types of account takeover attacks

Solution: Account Takeover Prevention

Reset stolen passwords before criminals can use them To defraud your users or access sensitive corporate data.

Learn More

Watch the Webinar:

How Credential Stuffing Tools Are Made

Presenter Info

Chip Witt, Vice President of Product Management

Chip Witt has nearly twenty years of diverse technology experience, including product management and operations leadership roles at Hewlett Packard Enterprise, Webroot, VMware, Alcatel, and Appthority. He is currently the VP of Product Management and oversees the Customer Success Program at SpyCloud. Chip works closely with field intelligence teams specializing in OSINT and HUMINT tradecraft, actor attribution and underground monitoring.

A few of our happy customers:

Related Resources

Request a Demo

The SpyCloud Difference

Current, Relevant, Truly Actionable Data

SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.

Learn More About Our Data
SpyCloud human intelligence researchers have recovered billions of data breach assets, including stolen passwords and emails that can put enterprises at risk of account takeover

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

Check Your Exposure

I Put a Keylogger On You, and Now You’re Mine: What Cybercriminals See When They Infect a Host with Malware

Webinar - Malware - Value of an Infected User

WEBINAR

I Put a Keylogger On You, and Now You're Mine

What Cybercriminals See When They Infect a Host with Malware

Webinar - Malware - Value of an Infected User

Emotions about the global pandemic are running high, and attackers are taking advantage. Researchers have observed criminals spreading malware by impersonating official sources, distributing malicious COVID-19 maps and trackers, and malvertising on coronavirus-related news stories.

As security professionals, we try to protect our users from this type of activity by searching for indicators of compromise and writing rules to detect malicious activity. What we don’t see is the criminal perspective – what an attacker actually sees when they infect a host with malware that has keylogging and remote access capabilities.

In this webinar, SpyCloud Head of Product Strategy Chip Witt opens a window into the criminal ecosystem surrounding credential-stealing malware like Azorult, Raccoon, Predator, and Vidar. Chip shares examples of actual malware logs, explains how various actors profit from stolen data, and discusses what you can do to better protect your enterprise from these types of threats.

View this on-demand webinar to learn:

  • How criminals distribute credential-stealing malware to victims, monetize stolen information, and continue to profit from infected hosts
  • What an attacker managing a malware campaign sees as new systems become infected
  • What’s included within malware log files, from cryptocurrency wallet details to photos of victims’ desktops
  • How you can better equip your security organization to handle these threats

Contact us to see your infected user data

Computer infected with malware

Exposed credentials, whether stolen in a data breach or via a botnet infection, put user accounts at risk of account takeover. Let’s deep dive on the data we have collected for your domain.

Get in Touch

Watch the Webinar:

I Put a Keylogger on You, and Now You’re Mine

Presenter Info

Chip Witt, Head of Product Strategy

Chip Witt has nearly twenty years of diverse technology experience, including product management and operations leadership roles at Hewlett Packard Enterprise, Webroot, VMware, Alcatel, and Appthority. He is currently the Head of Product Strategy and manages the Customer Success Program at SpyCloud, which provides cloud-based security services to help businesses of all sizes prevent data breaches and account takeover attacks by alerting when employee or company assets have been compromised. Chip works closely with field intelligence teams specializing in OSINT and HUMINT tradecraft, actor attribution and underground monitoring.

A few of our happy customers:

Related Resources

Request a Demo

The SpyCloud Difference

Current, Relevant, Truly Actionable Data

SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.

Learn More About Our Data
SpyCloud human intelligence researchers have recovered billions of data breach assets, including stolen passwords and emails that can put enterprises at risk of account takeover

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

Check Your Exposure

Targeted Attacks: How Sophisticated Criminals Bypass Enterprise Security Measures


Understand the differences between targeted account takeover (ATO) and automated credential stuffing attacks

WEBINAR

Targeted Attacks: How Sophisticated Criminals Bypass Enterprise Security Measures


SpyCloud + ISMG

For close to three years, a technology executive was hounded by a persistent attacker who stole his identity, opened credit cards in his name, and wired funds from his bank account. Though SpyCloud helped bring this particular criminal to justice, these tactics are common in targeted attacks.

If your account takeover prevention program primarily focuses on automated attacks like credential stuffing and password spraying, you may be leaving your organization exposed to serious losses. Targeted account takeover attacks are manual, creative, and elusive, making them one of the most difficult aspects of security and risk management. When criminals decide to go after high-value individuals and organizations, they’re motivated to pull out all the stops, engaging in time-intensive, difficult to perpetrate methodologies in pursuit of lucrative rewards.

Dig into the tactics, techniques, and procedures criminals use to perpetrate highly-targeted attacks and identify areas where you might be investing unwisely in security technologies, leaving you vulnerable to sophisticated attackers.

View this on-demand webinar to learn:

  • The timeline of a breach and what types of attacks are prevalent at each stage

  • The advanced tactics criminals use to bypass enterprise security measures

  • Perspective on why enterprises should be more concerned about targeted vs automated account takeover attacks

  • Steps you can take to bolster your defenses and protect against the most damaging attacks

Solution Spotlight: ATO Prevention

Reset stolen passwords before criminals can use them to defraud your users or access sensitive corporate data. Learn More

Watch the Webinar:

Targeted Account Takeover Attacks

Presenter Info

Chip Witt, Head of Product Strategy

Chip Witt has nearly twenty years of diverse technology experience, including product management and operations leadership roles at Hewlett Packard Enterprise, Webroot, VMware, Alcatel, and Appthority. He is currently the Head of Product Strategy and manages the Customer Success Program at SpyCloud, which provides cloud-based security services to help businesses of all sizes prevent data breaches and account takeover attacks by alerting when employee or company assets have been compromised. Chip works closely with field intelligence teams specializing in OSINT and HUMINT tradecraft, actor attribution and underground monitoring.

A few of our happy customers:

Related Resources

Request a Demo

The SpyCloud Difference

Current, Relevant, Truly Actionable Data

SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.

Learn More About Our Data
SpyCloud human intelligence researchers have recovered billions of data breach assets, including stolen passwords and emails that can put enterprises at risk of account takeover

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

Check Your Exposure

Fortune 1000 Breach Exposure: What We Can Learn

WEBINAR

Fortune 1000 Breach Exposure: What We Can Learn

SpyCloud + Threatpost

Third-party and supply-chain risk: a complex, convoluted attack surface. Stolen credentials fueling account takeover attempts aimed at infiltrating deep into corporate networks (more than 4 million plaintext passwords tied to Fortune 1000 employees can be found on the Dark Web). Stolen PII and account data that make it easy for criminals to craft highly targeted attacks. Join SpyCloud and Threatpost to talk about large enterprises’ unique risk profile and the impact of the data breach epidemic on this segment.

Drawing on the largest database of stolen credentials in the world, SpyCloud has analyzed breach data tied to Fortune 1000 employee credentials to understand trends in password reuse and data exposure. Join Tara Seals, Threatpost’s Senior Editor, and SpyCloud Head of Product Strategy Chip Witt who will discuss the extent of Fortune 1000 employee breach exposure and what it means for the organizations that work with them.

View this on-demand webinar to learn:

  • The scope of password reuse and third-party breach exposure across the Fortune 1000
  • Which Fortune 1000 sector has the most exposed credentials per company – and which has the most users potentially infected with keyloggers and other malware
  • How stolen Fortune 1000 employee PII can help attackers breach your organization
  • What you can do to protect your organization from third party account takeover

Product Feature: Third Party Insight

Monitor third party exposures and share data to aid in remediation.

Learn More

Watch the Webinar:

Fortune 1000 Breach Exposure

Presenter Info

Chip Witt, Head of Product Strategy

Chip Witt has nearly twenty years of diverse technology experience, including product management and operations leadership roles at Hewlett Packard Enterprise, Webroot, VMware, Alcatel, and Appthority. He is currently the Head of Product Strategy and manages the Customer Success Program at SpyCloud, which provides cloud-based security services to help businesses of all sizes prevent data breaches and account takeover attacks by alerting when employee or company assets have been compromised. Chip works closely with field intelligence teams specializing in OSINT and HUMINT tradecraft, actor attribution and underground monitoring.

A few of our happy customers:

Related Resources

Request a Demo

The SpyCloud Difference

Current, Relevant, Truly Actionable Data

SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.

Learn More About Our Data
SpyCloud human intelligence researchers have recovered billions of data breach assets, including stolen passwords and emails that can put enterprises at risk of account takeover

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

Check Your Exposure

How the Holidays Affect Criminal Ecommerce

WEBINAR

How the Holidays Affect Criminal Ecommerce

Legitimate retailers aren’t the only ones offering up deals to drive holiday spending. On the deep and dark web, many criminal marketplaces advertise sales on illegal wares such as stolen credentials, which criminals can use to take over consumer accounts, steal funds, and siphon rewards points. Discounts are steep, providing an easy entry point for criminals who want to resell a few stolen accounts or even purchase the means to take over their own.

In this webinar, SpyCloud researchers discuss the trends they’ve tracked on criminal ecommerce sites, including fresh data on how Black Friday 2019 sales affected prices and sales volumes for different types of illegitimate access to consumer products – and why your enterprise needs to take that data into account to protect your consumers from account takeover fraud.

View this on-demand webinar to learn the results of their research, including:

  • How these criminal marketplaces operate and why you should care
  • What criminals are buying (Disney+ credentials, anyone?), what prices they’re paying, and what volume of illegal merchandise exchanged hands this Black Friday
  • Which industries and account types are the most popular with cybercriminals this year, and what that means for the upcoming holiday season
  • What enterprises can do to protect themselves and their consumers from account takeover fraud

Solution: Consumer ATO Prevention

Protect your users from account takeover fraud and unauthorized purchases.

Learn More

Watch the Webinar:

How the Holidays Affect Criminal Ecommerce

A few of our happy customers:

Related Resources

Request a Demo

The SpyCloud Difference

Current, Relevant, Truly Actionable Data

SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.

Learn More About Our Data
SpyCloud human intelligence researchers have recovered billions of data breach assets, including stolen passwords and emails that can put enterprises at risk of account takeover

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

Check Your Exposure

Hard Truths About ATO & Strategies To Defend Your Enterprise

WEBINAR

Hard Truths About ATO & Strategies To Defend Your Enterprise

Protecting your enterprise from breaches and account takeovers has never been a bigger challenge. New tools make it possible for even unsophisticated actors to perform advanced, widespread attacks that put your organization at risk. According to the 2019 Verizon Breach Report, stolen credentials are the leading attack vector — yet in a recent study by Symantec, only 7% of respondents rated account takeover as a top threat to their cloud infrastructure.

Regardless of the thoughtful measures and policies you have in place, the hard truth is that no policy can protect you from human behavior. In this webinar, SpyCloud Head of Product Strategy Chip Witt demonstrates how malicious actors take advantage of loopholes in your account takeover prevention plans. For example, your employees may be reusing compromised passwords to access corporate systems or signing up for 3rd party services like LinkedIn or Fantasy Football using their work credentials.

View this on-demand webinar to learn:

  • The anatomy of an account takeover attack
  • Real-world examples of how employee password reuse can threaten your enterprise
  • Potential holes in your account takeover plan
  • What you can do to strengthen your security posture, including alignment to NIST

Solution: Account Takeover Prevention

Reset stolen passwords before criminals can use them To defraud your users or access sensitive corporate data.

Learn More

Watch the Webinar:

Hard Truths About ATO & Strategies To Defend Your Enterprise​

Presenter Info

Chip Witt, Head of Product Strategy

Chip Witt has nearly twenty years of diverse technology experience, including product management and operations leadership roles at Hewlett Packard Enterprise, Webroot, VMware, Alcatel, and Appthority. He is currently the Head of Product Strategy and manages the Customer Success Program at SpyCloud, which provides cloud-based security services to help businesses of all sizes prevent data breaches and account takeover attacks by alerting when employee or company assets have been compromised. Chip works closely with field intelligence teams specializing in OSINT and HUMINT tradecraft, actor attribution and underground monitoring.

A few of our happy customers:

Related Resources

Request a Demo

The SpyCloud Difference

Current, Relevant, Truly Actionable Data

SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.

Learn More About Our Data
SpyCloud human intelligence researchers have recovered billions of data breach assets, including stolen passwords and emails that can put enterprises at risk of account takeover

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

Check Your Exposure

Operationalizing Data For Fraud Investigations

WEBINAR

Operationalizing Data For Fraud Investigations

Security and Fraud teams are swimming in data. Data is not the problem, but operationalizing and making use of the data we have is — especially when it comes to fraud prevention.

Enjoy this lively discussion with Chip Witt, Head of Product Strategy at SpyCloud, and Security Boulevard Managing Editor Charlene O’Hanlon and see live Maltego examples demonstrating how organizations can actually get a handle on their data and into their security systems to prevent fraud.

Solution: Fraud Investigations

Unmask criminal identities and attribute crimes to specific individuals.

Learn More

Watch the Webinar:

Operationalizing Data For Fraud Investigations​

Presenter Info

Chip Witt, Head of Product Strategy

Chip Witt has nearly twenty years of diverse technology experience, including product management and operations leadership roles at Hewlett Packard Enterprise, Webroot, VMware, Alcatel, and Appthority. He is currently the Head of Product Strategy and manages the Customer Success Program at SpyCloud, which provides cloud-based security services to help businesses of all sizes prevent data breaches and account takeover attacks by alerting when employee or company assets have been compromised. Chip works closely with field intelligence teams specializing in OSINT and HUMINT tradecraft, actor attribution and underground monitoring.

A few of our happy customers:

Related Resources

Request a Demo

The SpyCloud Difference

Current, Relevant, Truly Actionable Data

SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.

Learn More About Our Data
SpyCloud human intelligence researchers have recovered billions of data breach assets, including stolen passwords and emails that can put enterprises at risk of account takeover

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

Check Your Exposure

Webinar: 6 Myths About Account Takeover

WEBINAR

6 Myths About Account Takeover

There are a dizzying array of security solutions flooding the market, each promising unmatched protection from account takeover and impenetrable authentication protocols. When the marketing and sales pitches are stripped out and actual capabilities are examined, we find few live up to their own hype.

Watch the 6 Myths About Account Takeover webinar and learn which popular claims are oversold so you can make informed decisions about your own ATO prevention investment.

In this webinar you will discover:

  • The most common ATO prevention strategies and why they aren’t enough. Hint: Multi-factor authentication, password managers and password rotations don’t stop all ATOs
  • Which product claims should raise red flags

Solution: Account Takeover Prevention

Reset stolen passwords before criminals can use them to defraud your users or access sensitive corporate data. Learn More

Watch the Webinar:

6 Myths About Account Takeover

Presenter Info

David Endler, President and Co-Founder

David Endler is an entrepreneur that started his career as a computer scientist at the National Security Agency. He then worked for Deloitte performing penetration testing and security product evaluations for Fortune 500 customers.

Catching the startup bug in 2000, he joined iDefense, a security intelligence firm based in Northern Viginia that was later acquired by Verisign. At iDefense, he formed the company’s security research team, launched the first public vulnerability buying market, and was a founding member of the Open Web Application Security Project.

In 2003, David joined TippingPoint, a networking intrusion prevention vendor. He founded their security research team, DVLabs, through which he led TippingPoint’s attack detection and coverage to numerous industry awards. TippingPoint, a public company, was acquired by 3Com in 2005 and later by HP in 2010.

In 2010, David left HP/TippingPoint to start Jumpshot, a startup that developed patented security software for Windows that leveraged gamification for fighting malware. Jumpshot was acquired by Avast Antivirus in 2013, and most recently David served as Director of Product Development at Avast for the last two years.

David is author of “Hacking Exposed: VoIP” and “Hacking Exposed: Unified Communications,” both published by McGraw Hill. He has been a repeat speaker at the RSA Security conference, Black Hat Security Briefings, Infosecurity Europe and featured in many top publications and media programs. David has a B.S. and M.S. in Computer Science from Tulane University.

A few of our happy customers:

Related Resources

Request a Demo

The SpyCloud Difference

Current, Relevant, Truly Actionable Data

SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.

Learn More About Our Data
SpyCloud human intelligence researchers have recovered billions of data breach assets, including stolen passwords and emails that can put enterprises at risk of account takeover

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

Check Your Exposure

How Easy Is It To Bypass Multi-Factor Authentication Solutions?

WEBINAR

How Easy Is It To Bypass Multi-Factor Authentication Solutions?

Enterprises are trying everything they can to prevent cyber criminals from taking over employee and customer accounts to gain access to data and systems. One security control they believe provides protection is multi-factor authentication (MFA). While MFA does provide an additional layer of security, threat actors have figured out how to bypass it using a few clever tactics.

So how easy is it to get around your multi-factor authentication solutions? Watch this on-demand webinar and learn the most common methods that threat actors are using to bypass MFA so you can implement stronger safeguards to protect your employees and customers from account takeover.

In this webinar you will learn about:

  • The most commonly used MFA bypass techniques
  • How each technique exploits the vulnerabilities of MFA

Solution: Account Takeover Prevention

Reset stolen passwords before criminals can use them to defraud your users or access sensitive corporate data.

Learn More

Watch the Webinar:

How Easy Is It To Bypass Multi-Factor Authentication Solutions?

Presenter Info

Jason Lancaster, Head of Investigations

ason began his career performing pen testing, designing and implementing secure network infrastructures. First as a government contractor and then at a Fortune 500 healthcare company. In 2003, he joined TippingPoint where he held several roles including SE Director. TippingPoint was acquired by 3Com in 2005 and later by HP in 2010.

At HP, Jason ran a cross-functional team as Director with the Office of Advanced Technology. In 2013, Jason co-founded HP Field Intelligence, as part of the Security Research organization, delivering actionable threat intelligence to a wide audience.

Jason spent 15 months at a cloud security start-up CloudPassage prior to joining SpyCloud where he leads the Investigations team.

A few of our happy customers:

Related Resources

Request a Demo

The SpyCloud Difference

Current, Relevant, Truly Actionable Data

SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.

Learn More About Our Data
SpyCloud human intelligence researchers have recovered billions of data breach assets, including stolen passwords and emails that can put enterprises at risk of account takeover

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

Check Your Exposure