SEE THE TRENDS

Key Findings

SEE THE TRENDS

Key Findings

250% Increase in Account Takeover

Account takeover attacks grew by 250% in 2024, with notable spikes during high-traffic periods.

1,000+ Brands

Over 1,000 large companies were targeted since January 2024, compromising millions of customer accounts.

55K Accounts Breached in the Last Month

 6.2 million accounts were compromised over the past 18 months — 55,000 in just the last month.

Tracking ATO: Monthly Attack Patterns

Kasada observed ATO attacks and fraud spiking in both summer and October, highlighting the seasonality of bot-driven threats. These fluctuations may be driven by attackers with more free time in the summer—such as students experimenting with credential stuffing—and increased fraud activity in October as cybercriminals ramp up for the holiday shopping season, testing stolen credentials and refining their tactics before peak retail periods.

Animated Bar Chart
Monthly Number of Companies Attacked

250% Increase in Account Takeover

Account takeover attacks grew by 250% in 2024, with notable spikes during high-traffic periods.

1,000+ Brands Targeted

Over 1,000 large companies were targeted since January 2024, compromising millions of customer accounts.

55K Accounts Breached Last Month

 6.2 million accounts were compromised over the past 18 months — 55,000 in just the last month.

Tracking ATO:

Monthly Attack Patterns

Kasada observed ATO attacks spiking in summer months and October, highlighting the seasonality of bot-driven threats. These fluctuations may be driven by attackers with more free time in the summer — such as students experimenting with credential stuffing — and increased fraud activity in October as cybercriminals ramp up for the holiday shopping season, testing stolen credentials and refining their tactics before peak retail periods.

Bar Graph of Monthly Number of Companies Attacked by ATOs

Industry Breakdown: Who’s Being Targeted?

Credential stuffing is a cross-industry threat, but certain sectors are more frequently targeted due to the high value of customer accounts, such as loyalty and rewards points, and the sensitive financial information and personal data they store.

Kasada Bot Intel ATO Industries
Industry Line Chart

Industry Breakdown:
Who’s Being Targeted?

Credential stuffing is a cross-industry threat, but certain sectors are more frequently targeted due to the high value of customer accounts, such as loyalty and rewards points, and the sensitive financial information and personal data they store.

Kasada Bot Intel ATO Industries
kasada ATO attacks by industry line graph

Traditional Defenses Are Failing

Among targeted and compromised companies, 85% already had a bot detection solution—proving just how aggressive and advanced these attackers have become.

ATO attacks by bot defense

 Traditional Defenses Are Failing

Among targeted and compromised companies, 85% already had a bot detection solution—proving just how aggressive and advanced these attackers have become.

ATO attacks by bot defense
ATO bot Attack sophistication bar graph

How Bots Are Outsmarting Detection

When launching account takeover attacks, threat actors use advanced tools like OpenBullet, which enable large-scale automation with minimal effort. This allows adversaries to configure custom scripts that bypass common defenses, such as CAPTCHA, using techniques like rotating proxies and mimicking human behavior to remain undetected.

How Bots Are Outsmarting Detection

When launching account takeover attacks, threat actors use advanced tools like OpenBullet, which enable large-scale automation with minimal effort. This allows adversaries to configure custom scripts that bypass common defenses, such as CAPTCHA, using techniques like rotating proxies and mimicking human behavior to remain undetected.

ATO bot Attack sophistication bar graph

SEE THE TRENDS

Uncover how attackers exploit ATO—and how to stop them.

Download

SEE THE TRENDS

Uncover how attackers exploit ATO—

and how to stop them.

Download

The latest from Kasada

Get the Newsletter
Kasada - Account Takeover Attack Trends 2025 - 1200x628 - 1.1 (Animated)

2025 Account Takeover Attack Trends

Uncover exclusive insights from Kasada’s infiltration of 22 credential stuffing groups. Dive into the data, emerging trends, and actionable strategies to safeguard your login endpoints in 2025.

Decorative navy blue image that says "A CISO's Guide to Bot Mitigation"

A CISO’s Guide to Bot Protection Effectiveness – Breaking Open the Black Box

Learn how to validate bot protection effectiveness, mitigate business risks, and ensure your defenses align with operational and regulatory needs.

Text on the image reads: "Kasada's Reflections on the 2024 Forrester Wave™" with abstract shapes in white, pink, yellow, and blue background.

Kasada’s Reflections on the Q3 2024 Forrester Wave™ – Bot Management Evaluation

Kasada named a Strong Performer. Here are some of our own reflections having taken part in this evaluation.

  • Kasada - Account Takeover Attack Trends 2025 - 1200x628 - 1.1 (Animated)

    2025 Account Takeover Attack Trends

    Uncover exclusive insights from Kasada’s infiltration of 22 credential stuffing groups. Dive into the data, emerging trends, and actionable strategies to safeguard your login endpoints in 2025.

  • Decorative navy blue image that says "A CISO's Guide to Bot Mitigation"

    A CISO’s Guide to Bot Protection Effectiveness – Breaking Open the Black Box

    Learn how to validate bot protection effectiveness, mitigate business risks, and ensure your defenses align with operational and regulatory needs.

  • Text on the image reads: "Kasada's Reflections on the 2024 Forrester Wave™" with abstract shapes in white, pink, yellow, and blue background.

    Kasada’s Reflections on the Q3 2024 Forrester Wave™ – Bot Management Evaluation

    Kasada named a Strong Performer. Here are some of our own reflections having taken part in this evaluation.

Take the next step to stopping threats now

Download