LOS ALTOS, Calif., Nov. 20, 2018 /PRNewswire/ -- 4iQ, a leader
in Identity Theft Intelligence, announced today it has fast-tracked
to market a free service aimed at staving off the effects of a
troubling trend – a significant seasonal rise in the presence of
breached shopper credentials on the Deep, Dark Web. Because of
widespread consumer password re-use, credentials from prior
breaches are being used by criminals to access accounts on
otherwise secure shopping, banking and credit card sites.
Each year since Cyber Monday became an American phenomenon,
instances of online fraud have risen, along with the revenue
significance of online shopping. In response, CIOs, CISOs and risk
officers in leading retail and financial organizations have
invested millions in their efforts around online security, locking
down their infrastructures to avoid breaches. Ironically, it can be
some other organization's breach and a relatively non-technical
criminal that opens their own organizations up to fraud. Regardless
of root cause, the impact of unauthorized account access is both
financial and reputational.
"When a shopper's account is accessed by a criminal, it's at
minimum an immediate customer service issue, because the first
place the consumer points the finger is at the website that
allegedly charged their credit card," said Monica Pal, 4iQ CEO. "At 4iQ, we know the truth
isn't always that simple. Ultimately the fraud could be the result
of another organization's breach that allowed that consumer's
credentials to get to the Deep, Dark Web. In other words,
consumer's decision to reuse a password could be the culprit. But
that's not the right message to send to a frustrated consumer. The
real customer service solution in our mind is to help consumers
protect themselves, which in turn protects you."
In response and in advance of Cyber Monday this year, 4iQ has
launched a free breach watch service to help e-commerce businesses
understand their exposure on the surface and Deep and Dark Web.
After an organization completes an online application and
authorization process, 4iQ will scan its proprietary identity
datalake for evidence of the organization's domain being impacted
by previous breach activity or other online vulnerabilities. This
allows businesses to double- and triple-check for threats that
could put the organization's e-commerce infrastructure at risk.
Then, with that as a baseline, 4iQ will alert the organization on
any new activity related to the domain through January 31, 2019. 4iQ also offers an
enterprise-level, paid service that enables organizations to find
breached credential evidence associated with their customer
accounts.
"In 2017, we saw a 182% increase in identity records discovered
by our team compared with the year prior, and by June this year,
the number of total exposed consumer records had nearly doubled
from 12.4 million to about 22.5 million," said Julio
Casal, 4iQ Founder & Chief Technology Officer.
"Last year's holiday season was acknowledged industry-wide as the
worst ever in terms of account takeover, and we can only expect
this year will top that."
Despite efforts to educate consumers on the risks of credential
re-use, a July study commissioned by 4iQ showed that nearly half of
surveyed US consumers admitted to reusing passwords across multiple
websites. Three-quarters acknowledged they don't change their
passwords unless prompted or forced by a service to do so.
For this reason, many financial services websites force regular
resets – but some don't and given consumer behavior, many online
retailers avoid adding any extra steps to the checkout or security
verification process.
"Most retail and financial services CISOs already have a little
trouble sleeping during the holiday season," said Pal. "But not
considering the effects of password re-use is like locking the
house, setting the alarm and leaving the garage door wide
open."
About 4iQ
4iQ provides identity theft intelligence
that helps organizations measure, monitor and manage digital risk.
4iQ protects people and enterprises by scanning the surface, social
and deep and dark web for stolen, leaked or lost login credentials
and other personally identifiable information (PII). 4iQ then
notifies organizations and individuals when these records appear to
guard against the theft of identities, information and money before
it happens. In addition to ongoing deep and dark web monitoring,
the 4iQ platform also helps companies meet password guidelines,
verify credentials, and prevent account takeover. 4iQ is
headquartered in Los Altos, CA and
backed by Forgepoint Capital, Telefonica, BGV and Adara Ventures.
For more information, please visit www.4iQ.com.
View original
content:http://www.prnewswire.com/news-releases/4iq-warns-cisos-on-holiday-season-spike-in-breached-credentials-your-peers-security-breaches-are-putting-your-own-enterprise-at-risk-300753714.html
SOURCE 4iQ