Bots and other forms of fraudulent, automated web and mobile traffic deservedly garner a majority of security focus. The ability for cybercriminals to attack at scale through sophisticated automation represents a primary business and fraud risk for many organizations.
However, for some organizations and some workflows, manual fraud against digital properties also represents a material source of risk and losses. For these situations, Shape Security offers Manual-Attack Defense™ as part of its Shape Enterprise Defense™ platform.
Cybercriminals focus human-powered attacks on high-value targets, including account takeovers and new account creation when they cannot achieve the same results through (far cheaper) automation. Shape has observed extensive use of human-powered attacks across a variety of vertical industries:
Shape’s Manual-Attack Defense service leverage’s Shape’s patented, two-stage, detection and mitigation platform to protect businesses from manual attacks.
Manual-Attack Defense uses supervised machine learning to detect and mitigate human-powered credential stuffing attacks. It separates human-powered attack traffic from genuine customers by constructing unique fraud ‘signatures’ of human-powered traffic.
Manual-Attack Defense is able to accurately detect human-powered attack traffic from genuine customer interactions, and deploy mitigation strategies to flag such traffic, and if necessary, block, deflect, or deceive.
Shape offers the industry’s only solution that prevents human-powered fraud at scale, Shape has unique insights into the scale of the human-powered credential stuffing. For a North American bank that Shape Security recently helped, 1 out of every two hundred login attempts were human-powered credential stuffing (0.5%), or several hundred fraudulent logins per day, representing $1M in losses per month.