MANUAL-ATTACK DEFENSE

TM

Protection against manual account takeovers and other human-powered attacks

Problem:

Criminals are launching manual fraud against your digital properties

Solution:

Manual-Attack Defense add-on service for Shape Enterprise Defense

Bots and other forms of fraudulent, automated web and mobile traffic deservedly garner a majority of security focus. The ability for cybercriminals to attack at scale through sophisticated automation represents a primary business and fraud risk for many organizations.

However, for some organizations and some workflows, manual fraud against digital properties also represents a material source of risk and losses. For these situations, Shape Security offers Manual-Attack Defense™ as part of its Shape Enterprise Defense™ platform.

Protection Against Manual Account Takeovers and Other Human-powered Attacks

Cybercriminals focus human-powered attacks on high-value targets, including account takeovers and new account creation when they cannot achieve the same results through (far cheaper) automation. Shape has observed extensive use of human-powered attacks across a variety of vertical industries:

Industry

Financial services
Retail and ecommerce
Travel and hospitality
Telcos and service providers

Threat Vector

Account Takeovers
Gift card cracking and credit card fraud
Account takeovers and loyalty point theft
Account takeovers and mobile device mis-appropriation

Industry | Network leverage

Financial services | Account Takeovers
Retail and ecommerce | Gift card cracking and credit card fraud
Travel and hospitality | Account takeovers and loyalty point theft
Telcos and service providers | Account takeovers and mobile device mis-appropriation

How Manual-Attack Defense Works

Shape’s Manual-Attack Defense service leverage’s Shape’s patented, two-stage, detection and mitigation platform to protect businesses from manual attacks.

Manual-Attack Defense uses supervised machine learning to detect and mitigate human-powered credential stuffing attacks. It separates human-powered attack traffic from genuine customers by constructing unique fraud ‘signatures’ of human-powered traffic. 

Manual-Attack Defense is able to accurately detect human-powered attack traffic from genuine customer interactions, and deploy mitigation strategies to flag such traffic, and if necessary, block, deflect, or deceive.

Protect Your Online Business from Manual Fraud

Shape offers the industry’s only solution that prevents human-powered fraud at scale, Shape has unique insights into the scale of the human-powered credential stuffing. For a North American bank that Shape Security recently helped, 1 out of every two hundred login attempts were human-powered credential stuffing (0.5%), or several hundred fraudulent logins per day, representing $1M in losses per month.