Inside the Mind of Fraudsters: How Bots Exploit Travel Logins

September Trend Sharing Session

Inside the Mind of Fraudsters

How Bots Exploit Travel Logins

Airlines, along with the travel and hospitality industry at large, are heavily impacted by account takeover (ATO) attacks targeting their loyalty programs. The recent RockYou2024 leak exposing nearly ten billion unique passwords on a popular hacking forum signals that credential stuffing attacks to take over accounts will continue to be problematic.

Traditional fraud prevention tools focus on downstream fraud, but effective ATO protection requires early detection and prevention. In this webinar, hosted by Kasada, we talked about the latest methods fraudsters use to successfully conduct ATO attacks at scale, the fraud schemes used to monetize stolen loyalty accounts, and modern techniques to predict and protect against them.

Specific topics included:

  • The emergence of new “solver services” able to bypass anti-bot detection for pennies
  • Early warning signs associated with credential stuffing attacks you should be aware of and looking for
  • Visibility into non-traditional marketplaces where stolen accounts loaded with loyalty points are sold and redeemed
  • Kasada’s own research summarizing the state of account fraud within airlines, hotels, and other segments
  • Best practices for modernizing your website, apps, and API security to defend against bot-driven ATO

Speakers:

This session was hosted together with