Multi-factor authentication was supposed to be the answer to the password problem. But when the second factor routes through the same compromised email address, you haven't added security, you've just added steps.
Although email was not designed for identity verification, its convenience made it a common business identifier. Criminals target this pervasive use as a primary entry point.
Email was never built to be your digital passport. Yet it has quietly become the de facto primary identifier for billions of users — creating a dangerous security paradox.
In the modern digital economy, the email address has transcended its original purpose. It has become the near-universal unique identifier — and a dangerous security paradox.
Many organizations don't see card-testing attacks happening — not because they lack technology, but because they lack visibility. The early signals don't show up in their systems at all.
Our founder Lawrence Baldwin is featured in the BBC World Service podcast series 'Cyber Hack: Evil Corp' — a deep dive into one of the most remarkable true stories in cyber history.
The most common doorway attackers use to bypass MFA is a compromised email account. Before we talk about logins, we need to talk about compromised credentials.
When fake, synthetic, or compromised email addresses clog your customer lists, they distort critical metrics — inflating CAC, diluting CLTV, and creating churn that doesn't reflect real customer behavior.
Credential stuffing has endured because it's ruthlessly economical. Even when only a tiny fraction of attempts succeed, the sheer scale turns pennies into profits.
Credential stuffing is cheap, easy to scale, and takes advantage of password reuse. Even a tiny success rate means big profits for criminals and big costs for organizations.
Bridging the divide between breach data and actionable intelligence. Breach data is a point-in-time snapshot — live data is what actually tells you a fraudster is active right now.
BEC scams racked up $2.9 billion in losses in 2023 alone. In 2024, BEC accounted for 73% of all reported cyber incidents, with a 13% spike in attacks in early 2025.
Credential abuse is the leading initial attack vector, up 22% per the 2025 Verizon DBIR. This webinar covers why breach data alone isn't enough — and what live data adds.
Cyber insurance questionnaires are inadequate in today's rapidly evolving threat landscape. Unless insurers update their risk assessment protocols, losses will continue to rise.
A facepalm moment: McDonald's 64M-record breach was caused by a test account with the password '123456' and no MFA. A wake-up call for every enterprise security leader.
Pig butchering scams cost victims $75 billion globally from 2020–2024. Here's how CISOs and fraud prevention managers can detect and disrupt them early.
94% of leaked passwords are either reused or duplicated across multiple services. Passwords combined with email addresses are the primary gatekeepers to sensitive data — and a critical weakness.
Victoria's Secret, Adidas — recent incidents show how exposed employee and vendor credentials provide an open door for ransomware, data breaches, and BEC attacks.
60% of 2024 cyber insurance claims originated from BEC and FTF incidents. BEC claims severity increased 23% year-over-year. Email compromise is an enormous problem — and it's growing.
A story about Johnny, his million Delta miles, and Billy — who knew exactly how to turn public boasting into account takeover. Understanding credential risk levels is the key to proportionate security.
BEC and FTF accounted for 60% of all cyber insurance claims in 2024. A single wire transfer call saved one landscaper $50,000 — here's the story, and what businesses should do.
Credential abuse (22%) and exploitation of vulnerabilities (20%) are the leading initial attack vectors per Verizon's 2025 DBIR. Here's what proactive screening looks like in practice.
87% of travel companies are still losing sleep over Account Takeover. Join industry leaders for an urgent panel discussion on the alarming rise of ATO in the travel sector.
23andMe's bankruptcy was significantly shaped by a 2023 credential stuffing attack that exposed 6.9 million customers. The $30M settlement should serve as a stark warning to every organization.
Steve spent years building millions of frequent flyer miles. Then one day his account was gone, his miles plundered, his vacation dreams shattered. ATO in travel is growing 24% year-over-year.
Something you know, something you have, something you are — the three factors of authentication are supposed to be our digital fortress. Here's how fraudsters breach all three.
IP address blocking is a rigid, flawed defense. Fraudsters adapt faster than blocks can be applied. A more fluid approach — credential-based detection — doesn't play the cat-and-mouse game.
24 hours is all it takes a sophisticated fraudster to steal, test, and put compromised credentials on the dark web. Early detection and remediation are the window of opportunity.
Hackers gained access to PowerSchool through stolen credentials, exposing millions of students' and educators' personal data. Here's what they should have done — and when.
IP addresses move around like pigeons. Blocking them punishes innocent users and tips off fraudsters. Here's why visibility beats blocking — every time.
Bot detection and IP blocking blunt attacks — but they won't tell you which accounts were compromised. Active web monitoring is the digital canary that catches what everything else misses.
56% of global consumers would stop using an online service if the login process became too frustrating. 65% of U.S. consumers would switch to a competitor. MFA everywhere isn't the answer.
A real credential stuffing attack against a large financial institution, June–August 2024: 8 million usernames tested over 6 weeks, 0.1% success rate, 86% of valid credentials seen previously.