What Is Account Takeover Fraud (ATO)? Prevention & More

<!DOCTYPE html> <html lang="en-us" dir="ltr" prefix="content: http://purl.org/rss/1.0/modules/content/ dc: http://purl.org/dc/terms/ foaf: http://xmlns.com/foaf/0.1/ og: http://ogp.me/ns# rdfs: http://www.w3.org/2000/01/rdf-schema# schema: http://schema.org/ sioc: http://rdfs.org/sioc/ns# sioct: http://rdfs.org/sioc/types# skos: http://www.w3.org/2004/02/skos/core# xsd: http://www.w3.org/2001/XMLSchema# " class="page-en"> <head> <script type="text/javascript">(window.NREUM||(NREUM={})).init={privacy:{cookies_enabled:true},ajax:{deny_list:["bam.nr-data.net"]},distributed_tracing:{enabled:true}};(window.NREUM||(NREUM={})).loader_config={agentID:"1120369191",accountID:"6363336",trustKey:"6363336",xpid:"UgUBUlVQDhAJXFBWAAEAUlE=",licenseKey:"NRJS-dc609d42ed81d429509",applicationID:"981470745"};;/*! For license information please see nr-loader-spa-1.281.0.min.js.LICENSE.txt */ (()=>{var e,t,r={8122:(e,t,r)=>{"use strict";r.d(t,{a:()=>i});var n=r(944);function i(e,t){try{if(!e||"object"!=typeof e)return(0,n.R)(3);if(!t||"object"!=typeof t)return(0,n.R)(4);const r=Object.create(Object.getPrototypeOf(t),Object.getOwnPropertyDescriptors(t)),o=0===Object.keys(r).length?e:r;for(let a in o)if(void 0!==e[a])try{if(null===e[a]){r[a]=null;continue}Array.isArray(e[a])&&Array.isArray(t[a])?r[a]=Array.from(new Set([...e[a],...t[a]])):"object"==typeof e[a]&&"object"==typeof t[a]?r[a]=i(e[a],t[a]):r[a]=e[a]}catch(e){(0,n.R)(1,e)}return r}catch(e){(0,n.R)(2,e)}}},2555:(e,t,r)=>{"use strict";r.d(t,{Vp:()=>c,fn:()=>s,x1:()=>u});var n=r(384),i=r(8122);const o={beacon:n.NT.beacon,errorBeacon:n.NT.errorBeacon,licenseKey:void 0,applicationID:void 0,sa:void 0,queueTime:void 0,applicationTime:void 0,ttGuid:void 0,user:void 0,account:void 0,product:void 0,extra:void 0,jsAttributes:{},userAttributes:void 0,atts:void 0,transactionName:void 0,tNamePlain:void 0},a={};function s(e){try{const t=c(e);return!!t.licenseKey&&!!t.errorBeacon&&!!t.applicationID}catch(e){return!1}}function c(e){if(!e)throw new Error("All info objects require an agent identifier!");if(!a[e])throw new Error("Info for ".concat(e," was never set"));return a[e]}function u(e,t){if(!e)throw new Error("All info objects require an agent identifier!");a[e]=(0,i.a)(t,o);const r=(0,n.nY)(e);r&&(r.info=a[e])}},9417:(e,t,r)=>{"use strict";r.d(t,{D0:()=>p,gD:()=>m,xN:()=>g});var n=r(3333),i=r(993);const o=e=>{if(!e||"string"!=typeof e)return!1;try{document.createDocumentFragment().querySelector(e)}catch{return!1}return!0};var a=r(2614),s=r(944),c=r(384),u=r(8122);const d="[data-nr-mask]",l=()=>{const e={feature_flags:[],experimental:{marks:!1,measures:!1,resources:!1},mask_selector:"*",block_selector:"[data-nr-block]",mask_input_options:{color:!1,date:!1,"datetime-local":!1,email:!1,month:!1,number:!1,range:!1,search:!1,tel:!1,text:!1,time:!1,url:!1,week:!1,textarea:!1,select:!1,password:!0}};return{ajax:{deny_list:void 0,block_internal:!0,enabled:!0,autoStart:!0},distributed_tracing:{enabled:void 0,exclude_newrelic_header:void 0,cors_use_newrelic_header:void 0,cors_use_tracecontext_headers:void 0,allowed_origins:void 0},get feature_flags(){return e.feature_flags},set feature_flags(t){e.feature_flags=t},generic_events:{enabled:!0,autoStart:!0},harvest:{interval:30},jserrors:{enabled:!0,autoStart:!0},logging:{enabled:!0,autoStart:!0,level:i.p_.INFO},metrics:{enabled:!0,autoStart:!0},obfuscate:void 0,page_action:{enabled:!0},page_view_event:{enabled:!0,autoStart:!0},page_view_timing:{enabled:!0,autoStart:!0},performance:{get capture_marks(){return e.feature_flags.includes(n.$v.MARKS)||e.experimental.marks},set capture_marks(t){e.experimental.marks=t},get capture_measures(){return e.feature_flags.includes(n.$v.MEASURES)||e.experimental.measures},set capture_measures(t){e.experimental.measures=t},capture_detail:!0,resources:{get enabled(){return e.feature_flags.includes(n.$v.RESOURCES)||e.experimental.resources},set enabled(t){e.experimental.resources=t},asset_types:[],first_party_domains:[],ignore_newrelic:!0}},privacy:{cookies_enabled:!0},proxy:{assets:void 0,beacon:void 0},session:{expiresMs:a.wk,inactiveMs:a.BB},session_replay:{autoStart:!0,enabled:!1,preload:!1,sampling_rate:10,error_sampling_rate:100,collect_fonts:!1,inline_images:!1,fix_stylesheets:!0,mask_all_inputs:!0,get mask_text_selector(){return e.mask_selector},set mask_text_selector(t){o(t)?e.mask_selector="".concat(t,",").concat(d):""===t||null===t?e.mask_selector=d:(0,s.R)(5,t)},get block_class(){return"nr-block"},get ignore_class(){return"nr-ignore"},get mask_text_class(){return"nr-mask"},get block_selector(){return e.block_selector},set block_selector(t){o(t)?e.block_selector+=",".concat(t):""!==t&&(0,s.R)(6,t)},get mask_input_options(){return e.mask_input_options},set mask_input_options(t){t&&"object"==typeof t?e.mask_input_options={...t,password:!0}:(0,s.R)(7,t)}},session_trace:{enabled:!0,autoStart:!0},soft_navigations:{enabled:!0,autoStart:!0},spa:{enabled:!0,autoStart:!0},ssl:void 0,user_actions:{enabled:!0,elementAttributes:["id","className","tagName","type"]}}},f={},h="All configuration objects require an agent identifier!";function p(e){if(!e)throw new Error(h);if(!f[e])throw new Error("Configuration for ".concat(e," was never set"));return f[e]}function g(e,t){if(!e)throw new Error(h);f[e]=(0,u.a)(t,l());const r=(0,c.nY)(e);r&&(r.init=f[e])}function m(e,t){if(!e)throw new Error(h);var r=p(e);if(r){for(var n=t.split("."),i=0;i<n.length-1;i++)if("object"!=typeof(r=r[n[i]]))return;r=r[n[n.length-1]]}return r}},5603:(e,t,r)=>{"use strict";r.d(t,{a:()=>c,o:()=>s});var n=r(384),i=r(8122);const o={accountID:void 0,trustKey:void 0,agentID:void 0,licenseKey:void 0,applicationID:void 0,xpid:void 0},a={};function s(e){if(!e)throw new Error("All loader-config objects require an agent identifier!");if(!a[e])throw new Error("LoaderConfig for ".concat(e," was never set"));return a[e]}function c(e,t){if(!e)throw new Error("All loader-config objects require an agent identifier!");a[e]=(0,i.a)(t,o);const r=(0,n.nY)(e);r&&(r.loader_config=a[e])}},3371:(e,t,r)=>{"use strict";r.d(t,{V:()=>f,f:()=>l});var n=r(8122),i=r(384),o=r(6154),a=r(9324);let s=0;const c={buildEnv:a.F3,distMethod:a.Xs,version:a.xv,originTime:o.WN},u={customTransaction:void 0,disabled:!1,isolatedBacklog:!1,loaderType:void 0,maxBytes:3e4,onerror:void 0,ptid:void 0,releaseIds:{},appMetadata:{},session:void 0,denyList:void 0,timeKeeper:void 0,obfuscator:void 0,harvester:void 0},d={};function l(e){if(!e)throw new Error("All runtime objects require an agent identifier!");if(!d[e])throw new Error("Runtime for ".concat(e," was never set"));return d[e]}function f(e,t){if(!e)throw new Error("All runtime objects require an agent identifier!");d[e]={...(0,n.a)(t,u),...c},Object.hasOwnProperty.call(d[e],"harvestCount")||Object.defineProperty(d[e],"harvestCount",{get:()=>++s});const r=(0,i.nY)(e);r&&(r.runtime=d[e])}},9324:(e,t,r)=>{"use strict";r.d(t,{F3:()=>i,Xs:()=>o,Yq:()=>a,xv:()=>n});const n="1.281.0",i="PROD",o="CDN",a="^2.0.0-alpha.17"},6154:(e,t,r)=>{"use strict";r.d(t,{A4:()=>s,OF:()=>d,RI:()=>i,WN:()=>h,bv:()=>o,gm:()=>a,lR:()=>f,m:()=>u,mw:()=>c,sb:()=>l});var n=r(1863);const i="undefined"!=typeof window&&!!window.document,o="undefined"!=typeof WorkerGlobalScope&&("undefined"!=typeof self&&self instanceof WorkerGlobalScope&&self.navigator instanceof WorkerNavigator||"undefined"!=typeof globalThis&&globalThis instanceof WorkerGlobalScope&&globalThis.navigator instanceof WorkerNavigator),a=i?window:"undefined"!=typeof WorkerGlobalScope&&("undefined"!=typeof self&&self instanceof WorkerGlobalScope&&self||"undefined"!=typeof globalThis&&globalThis instanceof WorkerGlobalScope&&globalThis),s="complete"===a?.document?.readyState,c=Boolean("hidden"===a?.document?.visibilityState),u=""+a?.location,d=/iPad|iPhone|iPod/.test(a.navigator?.userAgent),l=d&&"undefined"==typeof SharedWorker,f=(()=>{const e=a.navigator?.userAgent?.match(/Firefox[/\s](\d+\.\d+)/);return Array.isArray(e)&&e.length>=2?+e[1]:0})(),h=Date.now()-(0,n.t)()},7295:(e,t,r)=>{"use strict";r.d(t,{Xv:()=>a,gX:()=>i,iW:()=>o});var n=[];function i(e){if(!e||o(e))return!1;if(0===n.length)return!0;for(var t=0;t<n.length;t++){var r=n[t];if("*"===r.hostname)return!1;if(s(r.hostname,e.hostname)&&c(r.pathname,e.pathname))return!1}return!0}function o(e){return void 0===e.hostname}function a(e){if(n=[],e&&e.length)for(var t=0;t<e.length;t++){let r=e[t];if(!r)continue;0===r.indexOf("http://")?r=r.substring(7):0===r.indexOf("https://")&&(r=r.substring(8));const i=r.indexOf("/");let o,a;i>0?(o=r.substring(0,i),a=r.substring(i)):(o=r,a="");let[s]=o.split(":");n.push({hostname:s,pathname:a})}}function s(e,t){return!(e.length>t.length)&&t.indexOf(e)===t.length-e.length}function c(e,t){return 0===e.indexOf("/")&&(e=e.substring(1)),0===t.indexOf("/")&&(t=t.substring(1)),""===e||e===t}},1687:(e,t,r)=>{"use strict";r.d(t,{Ak:()=>c,Ze:()=>l,x3:()=>u});var n=r(7836),i=r(3606),o=r(860),a=r(2646);const s={};function c(e,t){const r={staged:!1,priority:o.P3[t]||0};d(e),s[e].get(t)||s[e].set(t,r)}function u(e,t){e&&s[e]&&(s[e].get(t)&&s[e].delete(t),h(e,t,!1),s[e].size&&f(e))}function d(e){if(!e)throw new Error("agentIdentifier required");s[e]||(s[e]=new Map)}function l(e="",t="feature",r=!1){if(d(e),!e||!s[e].get(t)||r)return h(e,t);s[e].get(t).staged=!0,f(e)}function f(e){const t=Array.from(s[e]);t.every((([e,t])=>t.staged))&&(t.sort(((e,t)=>e[1].priority-t[1].priority)),t.forEach((([t])=>{s[e].delete(t),h(e,t)})))}function h(e,t,r=!0){const o=e?n.ee.get(e):n.ee,s=i.i.handlers;if(!o.aborted&&o.backlog&&s){if(r){const e=o.backlog[t],r=s[t];if(r){for(let t=0;e&&t<e.length;++t)p(e[t],r);Object.entries(r).forEach((([e,t])=>{Object.values(t||{}).forEach((t=>{t[0]?.on&&t[0]?.context()instanceof a.y&&t[0].on(e,t[1])}))}))}}o.isolatedBacklog||delete s[t],o.backlog[t]=null,o.emit("drain-"+t,[])}}function p(e,t){var r=e[1];Object.values(t[r]||{}).forEach((t=>{var r=e[0];if(t[0]===r){var n=t[1],i=e[3],o=e[2];n.apply(i,o)}}))}},7836:(e,t,r)=>{"use strict";r.d(t,{P:()=>c,ee:()=>u});var n=r(384),i=r(8990),o=r(3371),a=r(2646),s=r(5607);const c="nr@context:".concat(s.W),u=function e(t,r){var n={},s={},d={},l=!1;try{l=16===r.length&&(0,o.f)(r).isolatedBacklog}catch(e){}var f={on:p,addEventListener:p,removeEventListener:function(e,t){var r=n[e];if(!r)return;for(var i=0;i<r.length;i++)r[i]===t&&r.splice(i,1)},emit:function(e,r,n,i,o){!1!==o&&(o=!0);if(u.aborted&&!i)return;t&&o&&t.emit(e,r,n);for(var a=h(n),c=g(e),d=c.length,l=0;l<d;l++)c[l].apply(a,r);var p=v()[s[e]];p&&p.push([f,e,r,a]);return a},get:m,listeners:g,context:h,buffer:function(e,t){const r=v();if(t=t||"feature",f.aborted)return;Object.entries(e||{}).forEach((([e,n])=>{s[n]=t,t in r||(r[t]=[])}))},abort:function(){f._aborted=!0,Object.keys(f.backlog).forEach((e=>{delete f.backlog[e]}))},isBuffering:function(e){return!!v()[s[e]]},debugId:r,backlog:l?{}:t&&"object"==typeof t.backlog?t.backlog:{},isolatedBacklog:l};return Object.defineProperty(f,"aborted",{get:()=>{let e=f._aborted||!1;return e||(t&&(e=t.aborted),e)}}),f;function h(e){return e&&e instanceof a.y?e:e?(0,i.I)(e,c,(()=>new a.y(c))):new a.y(c)}function p(e,t){n[e]=g(e).concat(t)}function g(e){return n[e]||[]}function m(t){return d[t]=d[t]||e(f,t)}function v(){return f.backlog}}(void 0,"globalEE"),d=(0,n.Zm)();d.ee||(d.ee=u)},2646:(e,t,r)=>{"use strict";r.d(t,{y:()=>n});class n{constructor(e){this.contextId=e}}},9908:(e,t,r)=>{"use strict";r.d(t,{d:()=>n,p:()=>i});var n=r(7836).ee.get("handle");function i(e,t,r,i,o){o?(o.buffer([e],i),o.emit(e,t,r)):(n.buffer([e],i),n.emit(e,t,r))}},3606:(e,t,r)=>{"use strict";r.d(t,{i:()=>o});var n=r(9908);o.on=a;var i=o.handlers={};function o(e,t,r,o){a(o||n.d,i,e,t,r)}function a(e,t,r,i,o){o||(o="feature"),e||(e=n.d);var a=t[o]=t[o]||{};(a[r]=a[r]||[]).push([e,i])}},3878:(e,t,r)=>{"use strict";function n(e,t){return{capture:e,passive:!1,signal:t}}function i(e,t,r=!1,i){window.addEventListener(e,t,n(r,i))}function o(e,t,r=!1,i){document.addEventListener(e,t,n(r,i))}r.d(t,{DD:()=>o,jT:()=>n,sp:()=>i})},5607:(e,t,r)=>{"use strict";r.d(t,{W:()=>n});const n=(0,r(9566).bz)()},9566:(e,t,r)=>{"use strict";r.d(t,{LA:()=>s,ZF:()=>c,bz:()=>a,el:()=>u});var n=r(6154);const i="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx";function o(e,t){return e?15&e[t]:16*Math.random()|0}function a(){const e=n.gm?.crypto||n.gm?.msCrypto;let t,r=0;return e&&e.getRandomValues&&(t=e.getRandomValues(new Uint8Array(30))),i.split("").map((e=>"x"===e?o(t,r++).toString(16):"y"===e?(3&o()|8).toString(16):e)).join("")}function s(e){const t=n.gm?.crypto||n.gm?.msCrypto;let r,i=0;t&&t.getRandomValues&&(r=t.getRandomValues(new Uint8Array(e)));const a=[];for(var s=0;s<e;s++)a.push(o(r,i++).toString(16));return a.join("")}function c(){return s(16)}function u(){return s(32)}},2614:(e,t,r)=>{"use strict";r.d(t,{BB:()=>a,H3:()=>n,g:()=>u,iL:()=>c,tS:()=>s,uh:()=>i,wk:()=>o});const n="NRBA",i="SESSION",o=144e5,a=18e5,s={STARTED:"session-started",PAUSE:"session-pause",RESET:"session-reset",RESUME:"session-resume",UPDATE:"session-update"},c={SAME_TAB:"same-tab",CROSS_TAB:"cross-tab"},u={OFF:0,FULL:1,ERROR:2}},1863:(e,t,r)=>{"use strict";function n(){return Math.floor(performance.now())}r.d(t,{t:()=>n})},7485:(e,t,r)=>{"use strict";r.d(t,{D:()=>i});var n=r(6154);function i(e){if(0===(e||"").indexOf("data:"))return{protocol:"data"};try{const t=new URL(e,location.href),r={port:t.port,hostname:t.hostname,pathname:t.pathname,search:t.search,protocol:t.protocol.slice(0,t.protocol.indexOf(":")),sameOrigin:t.protocol===n.gm?.location?.protocol&&t.host===n.gm?.location?.host};return r.port&&""!==r.port||("http:"===t.protocol&&(r.port="80"),"https:"===t.protocol&&(r.port="443")),r.pathname&&""!==r.pathname?r.pathname.startsWith("/")||(r.pathname="/".concat(r.pathname)):r.pathname="/",r}catch(e){return{}}}},944:(e,t,r)=>{"use strict";function n(e,t){"function"==typeof console.debug&&console.debug("New Relic Warning: https://github.com/newrelic/newrelic-browser-agent/blob/main/docs/warning-codes.md#".concat(e),t)}r.d(t,{R:()=>n})},5284:(e,t,r)=>{"use strict";r.d(t,{t:()=>c,B:()=>s});var n=r(7836),i=r(6154);const o="newrelic";const a=new Set,s={};function c(e,t){const r=n.ee.get(t);s[t]??={},e&&"object"==typeof e&&(a.has(t)||(r.emit("rumresp",[e]),s[t]=e,a.add(t),function(e={}){try{i.gm.dispatchEvent(new CustomEvent(o,{detail:e}))}catch(e){}}({loaded:!0})))}},8990:(e,t,r)=>{"use strict";r.d(t,{I:()=>i});var n=Object.prototype.hasOwnProperty;function i(e,t,r){if(n.call(e,t))return e[t];var i=r();if(Object.defineProperty&&Object.keys)try{return Object.defineProperty(e,t,{value:i,writable:!0,enumerable:!1}),i}catch(e){}return e[t]=i,i}},6389:(e,t,r)=>{"use strict";function n(e,t=500,r={}){const n=r?.leading||!1;let i;return(...r)=>{n&&void 0===i&&(e.apply(this,r),i=setTimeout((()=>{i=clearTimeout(i)}),t)),n||(clearTimeout(i),i=setTimeout((()=>{e.apply(this,r)}),t))}}function i(e){let t=!1;return(...r)=>{t||(t=!0,e.apply(this,r))}}r.d(t,{J:()=>i,s:()=>n})},3304:(e,t,r)=>{"use strict";r.d(t,{A:()=>o});var n=r(7836);const i=()=>{const e=new WeakSet;return(t,r)=>{if("object"==typeof r&&null!==r){if(e.has(r))return;e.add(r)}return r}};function o(e){try{return JSON.stringify(e,i())??""}catch(e){try{n.ee.emit("internal-error",[e])}catch(e){}return""}}},5289:(e,t,r)=>{"use strict";r.d(t,{GG:()=>o,sB:()=>a});var n=r(3878);function i(){return"undefined"==typeof document||"complete"===document.readyState}function o(e,t){if(i())return e();(0,n.sp)("load",e,t)}function a(e){if(i())return e();(0,n.DD)("DOMContentLoaded",e)}},384:(e,t,r)=>{"use strict";r.d(t,{NT:()=>o,US:()=>d,Zm:()=>a,bQ:()=>c,dV:()=>s,nY:()=>u,pV:()=>l});var n=r(6154),i=r(1863);const o={beacon:"bam.nr-data.net",errorBeacon:"bam.nr-data.net"};function a(){return n.gm.NREUM||(n.gm.NREUM={}),void 0===n.gm.newrelic&&(n.gm.newrelic=n.gm.NREUM),n.gm.NREUM}function s(){let e=a();return e.o||(e.o={ST:n.gm.setTimeout,SI:n.gm.setImmediate,CT:n.gm.clearTimeout,XHR:n.gm.XMLHttpRequest,REQ:n.gm.Request,EV:n.gm.Event,PR:n.gm.Promise,MO:n.gm.MutationObserver,FETCH:n.gm.fetch,WS:n.gm.WebSocket}),e}function c(e,t){let r=a();r.initializedAgents??={},t.initializedAt={ms:(0,i.t)(),date:new Date},r.initializedAgents[e]=t}function u(e){let t=a();return t.initializedAgents?.[e]}function d(e,t){a()[e]=t}function l(){return function(){let e=a();const t=e.info||{};e.info={beacon:o.beacon,errorBeacon:o.errorBeacon,...t}}(),function(){let e=a();const t=e.init||{};e.init={...t}}(),s(),function(){let e=a();const t=e.loader_config||{};e.loader_config={...t}}(),a()}},2843:(e,t,r)=>{"use strict";r.d(t,{u:()=>i});var n=r(3878);function i(e,t=!1,r,i){(0,n.DD)("visibilitychange",(function(){if(t)return void("hidden"===document.visibilityState&&e());e(document.visibilityState)}),r,i)}},8139:(e,t,r)=>{"use strict";r.d(t,{u:()=>f});var n=r(7836),i=r(3434),o=r(8990),a=r(6154);const s={},c=a.gm.XMLHttpRequest,u="addEventListener",d="removeEventListener",l="nr@wrapped:".concat(n.P);function f(e){var t=function(e){return(e||n.ee).get("events")}(e);if(s[t.debugId]++)return t;s[t.debugId]=1;var r=(0,i.YM)(t,!0);function f(e){r.inPlace(e,[u,d],"-",p)}function p(e,t){return e[1]}return"getPrototypeOf"in Object&&(a.RI&&h(document,f),c&&h(c.prototype,f),h(a.gm,f)),t.on(u+"-start",(function(e,t){var n=e[1];if(null!==n&&("function"==typeof n||"object"==typeof n)){var i=(0,o.I)(n,l,(function(){var e={object:function(){if("function"!=typeof n.handleEvent)return;return n.handleEvent.apply(n,arguments)},function:n}[typeof n];return e?r(e,"fn-",null,e.name||"anonymous"):n}));this.wrapped=e[1]=i}})),t.on(d+"-start",(function(e){e[1]=this.wrapped||e[1]})),t}function h(e,t,...r){let n=e;for(;"object"==typeof n&&!Object.prototype.hasOwnProperty.call(n,u);)n=Object.getPrototypeOf(n);n&&t(n,...r)}},3434:(e,t,r)=>{"use strict";r.d(t,{Jt:()=>o,YM:()=>c});var n=r(7836),i=r(5607);const o="nr@original:".concat(i.W);var a=Object.prototype.hasOwnProperty,s=!1;function c(e,t){return e||(e=n.ee),r.inPlace=function(e,t,n,i,o){n||(n="");const a="-"===n.charAt(0);for(let s=0;s<t.length;s++){const c=t[s],u=e[c];d(u)||(e[c]=r(u,a?c+n:n,i,c,o))}},r.flag=o,r;function r(t,r,n,s,c){return d(t)?t:(r||(r=""),nrWrapper[o]=t,function(e,t,r){if(Object.defineProperty&&Object.keys)try{return Object.keys(e).forEach((function(r){Object.defineProperty(t,r,{get:function(){return e[r]},set:function(t){return e[r]=t,t}})})),t}catch(e){u([e],r)}for(var n in e)a.call(e,n)&&(t[n]=e[n])}(t,nrWrapper,e),nrWrapper);function nrWrapper(){var o,a,d,l;try{a=this,o=[...arguments],d="function"==typeof n?n(o,a):n||{}}catch(t){u([t,"",[o,a,s],d],e)}i(r+"start",[o,a,s],d,c);try{return l=t.apply(a,o)}catch(e){throw i(r+"err",[o,a,e],d,c),e}finally{i(r+"end",[o,a,l],d,c)}}}function i(r,n,i,o){if(!s||t){var a=s;s=!0;try{e.emit(r,n,i,t,o)}catch(t){u([t,r,n,i],e)}s=a}}}function u(e,t){t||(t=n.ee);try{t.emit("internal-error",e)}catch(e){}}function d(e){return!(e&&"function"==typeof e&&e.apply&&!e[o])}},9300:(e,t,r)=>{"use strict";r.d(t,{T:()=>n});const n=r(860).K7.ajax},3333:(e,t,r)=>{"use strict";r.d(t,{$v:()=>u,TZ:()=>n,Zp:()=>i,kd:()=>c,mq:()=>s,nf:()=>a,qN:()=>o});const n=r(860).K7.genericEvents,i=["auxclick","click","copy","keydown","paste","scrollend"],o=["focus","blur"],a=4,s=1e3,c=["PageAction","UserAction","BrowserPerformance"],u={MARKS:"experimental.marks",MEASURES:"experimental.measures",RESOURCES:"experimental.resources"}},6774:(e,t,r)=>{"use strict";r.d(t,{T:()=>n});const n=r(860).K7.jserrors},993:(e,t,r)=>{"use strict";r.d(t,{ET:()=>o,TZ:()=>a,p_:()=>i});var n=r(860);const i={ERROR:"ERROR",WARN:"WARN",INFO:"INFO",DEBUG:"DEBUG",TRACE:"TRACE"},o="log",a=n.K7.logging},3785:(e,t,r)=>{"use strict";r.d(t,{R:()=>c,b:()=>u});var n=r(9908),i=r(1863),o=r(860),a=r(3969),s=r(993);function c(e,t,r={},c=s.p_.INFO){(0,n.p)(a.xV,["API/logging/".concat(c.toLowerCase(),"/called")],void 0,o.K7.metrics,e),(0,n.p)(s.ET,[(0,i.t)(),t,r,c],void 0,o.K7.logging,e)}function u(e){return"string"==typeof e&&Object.values(s.p_).some((t=>t===e.toUpperCase().trim()))}},3969:(e,t,r)=>{"use strict";r.d(t,{TZ:()=>n,XG:()=>s,rs:()=>i,xV:()=>a,z_:()=>o});const n=r(860).K7.metrics,i="sm",o="cm",a="storeSupportabilityMetrics",s="storeEventMetrics"},6630:(e,t,r)=>{"use strict";r.d(t,{T:()=>n});const n=r(860).K7.pageViewEvent},782:(e,t,r)=>{"use strict";r.d(t,{T:()=>n});const n=r(860).K7.pageViewTiming},6344:(e,t,r)=>{"use strict";r.d(t,{BB:()=>d,G4:()=>o,Qb:()=>l,TZ:()=>i,Ug:()=>a,_s:()=>s,bc:()=>u,yP:()=>c});var n=r(2614);const i=r(860).K7.sessionReplay,o={RECORD:"recordReplay",PAUSE:"pauseReplay",REPLAY_RUNNING:"replayRunning",ERROR_DURING_REPLAY:"errorDuringReplay"},a=.12,s={DomContentLoaded:0,Load:1,FullSnapshot:2,IncrementalSnapshot:3,Meta:4,Custom:5},c={[n.g.ERROR]:15e3,[n.g.FULL]:3e5,[n.g.OFF]:0},u={RESET:{message:"Session was reset",sm:"Reset"},IMPORT:{message:"Recorder failed to import",sm:"Import"},TOO_MANY:{message:"429: Too Many Requests",sm:"Too-Many"},TOO_BIG:{message:"Payload was too large",sm:"Too-Big"},CROSS_TAB:{message:"Session Entity was set to OFF on another tab",sm:"Cross-Tab"},ENTITLEMENTS:{message:"Session Replay is not allowed and will not be started",sm:"Entitlement"}},d=5e3,l={API:"api"}},5270:(e,t,r)=>{"use strict";r.d(t,{Aw:()=>c,CT:()=>u,SR:()=>s});var n=r(384),i=r(9417),o=r(7767),a=r(6154);function s(e){return!!(0,n.dV)().o.MO&&(0,o.V)(e)&&!0===(0,i.gD)(e,"session_trace.enabled")}function c(e){return!0===(0,i.gD)(e,"session_replay.preload")&&s(e)}function u(e,t){const r=t.correctAbsoluteTimestamp(e);return{originalTimestamp:e,correctedTimestamp:r,timestampDiff:e-r,originTime:a.WN,correctedOriginTime:t.correctedOriginTime,originTimeDiff:Math.floor(a.WN-t.correctedOriginTime)}}},3738:(e,t,r)=>{"use strict";r.d(t,{He:()=>i,Kp:()=>s,Lc:()=>u,Rz:()=>d,TZ:()=>n,bD:()=>o,d3:()=>a,jx:()=>l,uP:()=>c});const n=r(860).K7.sessionTrace,i="bstResource",o="resource",a="-start",s="-end",c="fn"+a,u="fn"+s,d="pushState",l=1e3},3962:(e,t,r)=>{"use strict";r.d(t,{AM:()=>o,O2:()=>c,Qu:()=>u,TZ:()=>s,ih:()=>d,pP:()=>a,tC:()=>i});var n=r(860);const i=["click","keydown","submit","popstate"],o="api",a="initialPageLoad",s=n.K7.softNav,c={INITIAL_PAGE_LOAD:"",ROUTE_CHANGE:1,UNSPECIFIED:2},u={INTERACTION:1,AJAX:2,CUSTOM_END:3,CUSTOM_TRACER:4},d={IP:"in progress",FIN:"finished",CAN:"cancelled"}},7378:(e,t,r)=>{"use strict";r.d(t,{$p:()=>x,BR:()=>b,Kp:()=>R,L3:()=>y,Lc:()=>c,NC:()=>o,SG:()=>d,TZ:()=>i,U6:()=>p,UT:()=>m,d3:()=>w,dT:()=>f,e5:()=>T,gx:()=>v,l9:()=>l,oW:()=>h,op:()=>g,rw:()=>u,tH:()=>A,uP:()=>s,wW:()=>E,xq:()=>a});var n=r(384);const i=r(860).K7.spa,o=["click","submit","keypress","keydown","keyup","change"],a=999,s="fn-start",c="fn-end",u="cb-start",d="api-ixn-",l="remaining",f="interaction",h="spaNode",p="jsonpNode",g="fetch-start",m="fetch-done",v="fetch-body-",b="jsonp-end",y=(0,n.dV)().o.ST,w="-start",R="-end",x="-body",E="cb"+R,T="jsTime",A="fetch"},4234:(e,t,r)=>{"use strict";r.d(t,{W:()=>o});var n=r(7836),i=r(1687);class o{constructor(e,t){this.agentIdentifier=e,this.ee=n.ee.get(e),this.featureName=t,this.blocked=!1}deregisterDrain(){(0,i.x3)(this.agentIdentifier,this.featureName)}}},7767:(e,t,r)=>{"use strict";r.d(t,{V:()=>o});var n=r(9417),i=r(6154);const o=e=>i.RI&&!0===(0,n.gD)(e,"privacy.cookies_enabled")},425:(e,t,r)=>{"use strict";r.d(t,{j:()=>j});var n=r(860),i=r(2555),o=r(3371),a=r(9908),s=r(7836),c=r(1687),u=r(5289),d=r(6154),l=r(944),f=r(3969),h=r(384),p=r(6344);const g=["setErrorHandler","finished","addToTrace","addRelease","recordCustomEvent","addPageAction","setCurrentRouteName","setPageViewName","setCustomAttribute","interaction","noticeError","setUserId","setApplicationVersion","start",p.G4.RECORD,p.G4.PAUSE,"log","wrapLogger"],m=["setErrorHandler","finished","addToTrace","addRelease"];var v=r(1863),b=r(2614),y=r(993),w=r(3785),R=r(2646),x=r(3434);const E=new Map;function T(e,t,r,n){if("object"!=typeof t||!t||"string"!=typeof r||!r||"function"!=typeof t[r])return(0,l.R)(29);const i=function(e){return(e||s.ee).get("logger")}(e),o=(0,x.YM)(i),a=new R.y(s.P);a.level=n.level,a.customAttributes=n.customAttributes;const c=t[r]?.[x.Jt]||t[r];return E.set(c,a),o.inPlace(t,[r],"wrap-logger-",(()=>E.get(c))),i}function A(){const e=(0,h.pV)();g.forEach((t=>{e[t]=(...r)=>function(t,...r){let n=[];return Object.values(e.initializedAgents).forEach((e=>{e&&e.api?e.exposed&&e.api[t]&&n.push(e.api[t](...r)):(0,l.R)(38,t)})),n.length>1?n:n[0]}(t,...r)}))}const S={};var N=r(9417),_=r(5603),O=r(5284);const I=e=>{const t=e.startsWith("http");e+="/",r.p=t?e:"https://"+e};let P=!1;function j(e,t={},g,R){let{init:x,info:E,loader_config:j,runtime:C={},exposed:k=!0}=t;C.loaderType=g;const L=(0,h.pV)();E||(x=L.init,E=L.info,j=L.loader_config),(0,N.xN)(e.agentIdentifier,x||{}),(0,_.a)(e.agentIdentifier,j||{}),E.jsAttributes??={},d.bv&&(E.jsAttributes.isWorker=!0),(0,i.x1)(e.agentIdentifier,E);const H=(0,N.D0)(e.agentIdentifier),M=[E.beacon,E.errorBeacon];P||(H.proxy.assets&&(I(H.proxy.assets),M.push(H.proxy.assets)),H.proxy.beacon&&M.push(H.proxy.beacon),A(),(0,h.US)("activatedFeatures",O.B),e.runSoftNavOverSpa&&=!0===H.soft_navigations.enabled&&H.feature_flags.includes("soft_nav")),C.denyList=[...H.ajax.deny_list||[],...H.ajax.block_internal?M:[]],C.ptid=e.agentIdentifier,(0,o.V)(e.agentIdentifier,C),e.ee=s.ee.get(e.agentIdentifier),void 0===e.api&&(e.api=function(e,t,h=!1){t||(0,c.Ak)(e,"api");const g={};var R=s.ee.get(e),x=R.get("tracer");S[e]=b.g.OFF,R.on(p.G4.REPLAY_RUNNING,(t=>{S[e]=t}));var E="api-",A=E+"ixn-";function N(t,r,n,o){const a=(0,i.Vp)(e);return null===r?delete a.jsAttributes[t]:(0,i.x1)(e,{...a,jsAttributes:{...a.jsAttributes,[t]:r}}),I(E,n,!0,o||null===r?"session":void 0)(t,r)}function _(){}g.log=function(e,{customAttributes:t={},level:r=y.p_.INFO}={}){(0,a.p)(f.xV,["API/log/called"],void 0,n.K7.metrics,R),(0,w.R)(R,e,t,r)},g.wrapLogger=(e,t,{customAttributes:r={},level:i=y.p_.INFO}={})=>{(0,a.p)(f.xV,["API/wrapLogger/called"],void 0,n.K7.metrics,R),T(R,e,t,{customAttributes:r,level:i})},m.forEach((e=>{g[e]=I(E,e,!0,"api")})),g.addPageAction=I(E,"addPageAction",!0,n.K7.genericEvents),g.recordCustomEvent=I(E,"recordCustomEvent",!0,n.K7.genericEvents),g.setPageViewName=function(t,r){if("string"==typeof t)return"/"!==t.charAt(0)&&(t="/"+t),(0,o.f)(e).customTransaction=(r||"http://custom.transaction")+t,I(E,"setPageViewName",!0)()},g.setCustomAttribute=function(e,t,r=!1){if("string"==typeof e){if(["string","number","boolean"].includes(typeof t)||null===t)return N(e,t,"setCustomAttribute",r);(0,l.R)(40,typeof t)}else(0,l.R)(39,typeof e)},g.setUserId=function(e){if("string"==typeof e||null===e)return N("enduser.id",e,"setUserId",!0);(0,l.R)(41,typeof e)},g.setApplicationVersion=function(e){if("string"==typeof e||null===e)return N("application.version",e,"setApplicationVersion",!1);(0,l.R)(42,typeof e)},g.start=()=>{try{(0,a.p)(f.xV,["API/start/called"],void 0,n.K7.metrics,R),R.emit("manual-start-all")}catch(e){(0,l.R)(23,e)}},g[p.G4.RECORD]=function(){(0,a.p)(f.xV,["API/recordReplay/called"],void 0,n.K7.metrics,R),(0,a.p)(p.G4.RECORD,[],void 0,n.K7.sessionReplay,R)},g[p.G4.PAUSE]=function(){(0,a.p)(f.xV,["API/pauseReplay/called"],void 0,n.K7.metrics,R),(0,a.p)(p.G4.PAUSE,[],void 0,n.K7.sessionReplay,R)},g.interaction=function(e){return(new _).get("object"==typeof e?e:{})};const O=_.prototype={createTracer:function(e,t){var r={},i=this,o="function"==typeof t;return(0,a.p)(f.xV,["API/createTracer/called"],void 0,n.K7.metrics,R),h||(0,a.p)(A+"tracer",[(0,v.t)(),e,r],i,n.K7.spa,R),function(){if(x.emit((o?"":"no-")+"fn-start",[(0,v.t)(),i,o],r),o)try{return t.apply(this,arguments)}catch(e){const t="string"==typeof e?new Error(e):e;throw x.emit("fn-err",[arguments,this,t],r),t}finally{x.emit("fn-end",[(0,v.t)()],r)}}}};function I(e,t,r,i){return function(){return(0,a.p)(f.xV,["API/"+t+"/called"],void 0,n.K7.metrics,R),i&&(0,a.p)(e+t,[r?(0,v.t)():performance.now(),...arguments],r?null:this,i,R),r?void 0:this}}function P(){r.e(478).then(r.bind(r,8778)).then((({setAPI:t})=>{t(e),(0,c.Ze)(e,"api")})).catch((e=>{(0,l.R)(27,e),R.abort()}))}return["actionText","setName","setAttribute","save","ignore","onEnd","getContext","end","get"].forEach((e=>{O[e]=I(A,e,void 0,h?n.K7.softNav:n.K7.spa)})),g.setCurrentRouteName=h?I(A,"routeName",void 0,n.K7.softNav):I(E,"routeName",!0,n.K7.spa),g.noticeError=function(t,r){"string"==typeof t&&(t=new Error(t)),(0,a.p)(f.xV,["API/noticeError/called"],void 0,n.K7.metrics,R),(0,a.p)("err",[t,(0,v.t)(),!1,r,!!S[e]],void 0,n.K7.jserrors,R)},d.RI?(0,u.GG)((()=>P()),!0):P(),g}(e.agentIdentifier,R,e.runSoftNavOverSpa)),void 0===e.exposed&&(e.exposed=k),P=!0}},8374:(e,t,r)=>{r.nc=(()=>{try{return document?.currentScript?.nonce}catch(e){}return""})()},860:(e,t,r)=>{"use strict";r.d(t,{$J:()=>u,K7:()=>s,P3:()=>c,XX:()=>i,qY:()=>n,v4:()=>a});const n="events",i="jserrors",o="browser/blobs",a="rum",s={ajax:"ajax",genericEvents:"generic_events",jserrors:i,logging:"logging",metrics:"metrics",pageAction:"page_action",pageViewEvent:"page_view_event",pageViewTiming:"page_view_timing",sessionReplay:"session_replay",sessionTrace:"session_trace",softNav:"soft_navigations",spa:"spa"},c={[s.pageViewEvent]:1,[s.pageViewTiming]:2,[s.metrics]:3,[s.jserrors]:4,[s.spa]:5,[s.ajax]:6,[s.sessionTrace]:7,[s.softNav]:8,[s.sessionReplay]:9,[s.logging]:10,[s.genericEvents]:11},u={[s.pageViewEvent]:a,[s.pageViewTiming]:n,[s.ajax]:n,[s.spa]:n,[s.softNav]:n,[s.metrics]:i,[s.jserrors]:i,[s.sessionTrace]:o,[s.sessionReplay]:o,[s.logging]:"browser/logs",[s.genericEvents]:"ins"}}},n={};function i(e){var t=n[e];if(void 0!==t)return t.exports;var o=n[e]={exports:{}};return r[e](o,o.exports,i),o.exports}i.m=r,i.d=(e,t)=>{for(var r in t)i.o(t,r)&&!i.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:t[r]})},i.f={},i.e=e=>Promise.all(Object.keys(i.f).reduce(((t,r)=>(i.f[r](e,t),t)),[])),i.u=e=>({212:"nr-spa-compressor",249:"nr-spa-recorder",478:"nr-spa"}[e]+"-1.281.0.min.js"),i.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),e={},t="NRBA-1.281.0.PROD:",i.l=(r,n,o,a)=>{if(e[r])e[r].push(n);else{var s,c;if(void 0!==o)for(var u=document.getElementsByTagName("script"),d=0;d<u.length;d++){var l=u[d];if(l.getAttribute("src")==r||l.getAttribute("data-webpack")==t+o){s=l;break}}if(!s){c=!0;var f={478:"sha512-jmvAlmjCn64ans8tLueqHRlBI/iWekylsDWb94A77CG0ukSriVDvgD3dThx+XjUSBBBMYhFn8B1a18fViyBPEQ==",249:"sha512-ICY/ZrcytM/86t5KFy+9OAWVYmNNJy10EBtxoSUGjQWuZx53p/eLo+L8HfrGjvHuRHRnutqLTGSnvNttffJkaA==",212:"sha512-pQSn+X/RfBOvx/49HvlghaiXMLhhDQXTi13n1N2XMpDquWJgs9U0pbqE3RbAnYC9nsdaTu/RVGvneEPv1fpCxA=="};(s=document.createElement("script")).charset="utf-8",s.timeout=120,i.nc&&s.setAttribute("nonce",i.nc),s.setAttribute("data-webpack",t+o),s.src=r,0!==s.src.indexOf(window.location.origin+"/")&&(s.crossOrigin="anonymous"),f[a]&&(s.integrity=f[a])}e[r]=[n];var h=(t,n)=>{s.onerror=s.onload=null,clearTimeout(p);var i=e[r];if(delete e[r],s.parentNode&&s.parentNode.removeChild(s),i&&i.forEach((e=>e(n))),t)return t(n)},p=setTimeout(h.bind(null,void 0,{type:"timeout",target:s}),12e4);s.onerror=h.bind(null,s.onerror),s.onload=h.bind(null,s.onload),c&&document.head.appendChild(s)}},i.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},i.p="https://js-agent.newrelic.com/",(()=>{var e={38:0,788:0};i.f.j=(t,r)=>{var n=i.o(e,t)?e[t]:void 0;if(0!==n)if(n)r.push(n[2]);else{var o=new Promise(((r,i)=>n=e[t]=[r,i]));r.push(n[2]=o);var a=i.p+i.u(t),s=new Error;i.l(a,(r=>{if(i.o(e,t)&&(0!==(n=e[t])&&(e[t]=void 0),n)){var o=r&&("load"===r.type?"missing":r.type),a=r&&r.target&&r.target.src;s.message="Loading chunk "+t+" failed.\n("+o+": "+a+")",s.name="ChunkLoadError",s.type=o,s.request=a,n[1](s)}}),"chunk-"+t,t)}};var t=(t,r)=>{var n,o,[a,s,c]=r,u=0;if(a.some((t=>0!==e[t]))){for(n in s)i.o(s,n)&&(i.m[n]=s[n]);if(c)c(i)}for(t&&t(r);u<a.length;u++)o=a[u],i.o(e,o)&&e[o]&&e[o][0](),e[o]=0},r=self["webpackChunk:NRBA-1.281.0.PROD"]=self["webpackChunk:NRBA-1.281.0.PROD"]||[];r.forEach(t.bind(null,0)),r.push=t.bind(null,r.push.bind(r))})(),(()=>{"use strict";i(8374);var e=i(944),t=i(6344),r=i(9566);class n{agentIdentifier;constructor(){this.agentIdentifier=(0,r.LA)(16)}#e(t,...r){if("function"==typeof this.api?.[t])return this.api[t](...r);(0,e.R)(35,t)}addPageAction(e,t){return this.#e("addPageAction",e,t)}recordCustomEvent(e,t){return this.#e("recordCustomEvent",e,t)}setPageViewName(e,t){return this.#e("setPageViewName",e,t)}setCustomAttribute(e,t,r){return this.#e("setCustomAttribute",e,t,r)}noticeError(e,t){return this.#e("noticeError",e,t)}setUserId(e){return this.#e("setUserId",e)}setApplicationVersion(e){return this.#e("setApplicationVersion",e)}setErrorHandler(e){return this.#e("setErrorHandler",e)}addRelease(e,t){return this.#e("addRelease",e,t)}log(e,t){return this.#e("log",e,t)}}class o extends n{#e(t,...r){if("function"==typeof this.api?.[t])return this.api[t](...r);(0,e.R)(35,t)}start(){return this.#e("start")}finished(e){return this.#e("finished",e)}recordReplay(){return this.#e(t.G4.RECORD)}pauseReplay(){return this.#e(t.G4.PAUSE)}addToTrace(e){return this.#e("addToTrace",e)}setCurrentRouteName(e){return this.#e("setCurrentRouteName",e)}interaction(){return this.#e("interaction")}wrapLogger(e,t,r){return this.#e("wrapLogger",e,t,r)}}var a=i(860),s=i(9417);const c=Object.values(a.K7);function u(e){const t={};return c.forEach((r=>{t[r]=function(e,t){return!0===(0,s.gD)(t,"".concat(e,".enabled"))}(r,e)})),t}var d=i(425);var l=i(1687),f=i(4234),h=i(5289),p=i(6154),g=i(5270),m=i(7767),v=i(6389);class b extends f.W{constructor(e,t,r=!0){super(e.agentIdentifier,t),this.auto=r,this.abortHandler=void 0,this.featAggregate=void 0,this.onAggregateImported=void 0,!1===e.init[this.featureName].autoStart&&(this.auto=!1),this.auto?(0,l.Ak)(e.agentIdentifier,t):this.ee.on("manual-start-all",(0,v.J)((()=>{(0,l.Ak)(e.agentIdentifier,this.featureName),this.auto=!0,this.importAggregator(e)})))}importAggregator(t,r={}){if(this.featAggregate||!this.auto)return;let n;this.onAggregateImported=new Promise((e=>{n=e}));const o=async()=>{let o;try{if((0,m.V)(this.agentIdentifier)){const{setupAgentSession:e}=await i.e(478).then(i.bind(i,6526));o=e(t)}}catch(t){(0,e.R)(20,t),this.ee.emit("internal-error",[t]),this.featureName===a.K7.sessionReplay&&this.abortHandler?.()}try{if(!this.#t(this.featureName,o))return(0,l.Ze)(this.agentIdentifier,this.featureName),void n(!1);const{lazyFeatureLoader:e}=await i.e(478).then(i.bind(i,6103)),{Aggregate:a}=await e(this.featureName,"aggregate");this.featAggregate=new a(t,r),t.runtime.harvester.initializedAggregates.push(this.featAggregate),n(!0)}catch(t){(0,e.R)(34,t),this.abortHandler?.(),(0,l.Ze)(this.agentIdentifier,this.featureName,!0),n(!1),this.ee&&this.ee.abort()}};p.RI?(0,h.GG)((()=>o()),!0):o()}#t(e,t){switch(e){case a.K7.sessionReplay:return(0,g.SR)(this.agentIdentifier)&&!!t;case a.K7.sessionTrace:return!!t;default:return!0}}}var y=i(6630);class w extends b{static featureName=y.T;constructor(e,t=!0){super(e,y.T,t),this.importAggregator(e)}}var R=i(384);var x=i(9908),E=i(2843),T=i(3878),A=i(782),S=i(1863);class N extends b{static featureName=A.T;constructor(e,t=!0){super(e,A.T,t),p.RI&&((0,E.u)((()=>(0,x.p)("docHidden",[(0,S.t)()],void 0,A.T,this.ee)),!0),(0,T.sp)("pagehide",(()=>(0,x.p)("winPagehide",[(0,S.t)()],void 0,A.T,this.ee))),this.importAggregator(e))}}var _=i(3969);class O extends b{static featureName=_.TZ;constructor(e,t=!0){super(e,_.TZ,t),this.importAggregator(e)}}var I=i(6774),P=i(3304);class j{constructor(e,t,r,n,i){this.name="UncaughtError",this.message="string"==typeof e?e:(0,P.A)(e),this.sourceURL=t,this.line=r,this.column=n,this.__newrelic=i}}function C(e){return H(e)?e:new j(void 0!==e?.message?e.message:e,e?.filename||e?.sourceURL,e?.lineno||e?.line,e?.colno||e?.col,e?.__newrelic)}function k(e){const t="Unhandled Promise Rejection";if(!e?.reason)return;if(H(e.reason))try{return e.reason.message=t+": "+e.reason.message,C(e.reason)}catch(t){return C(e.reason)}const r=C(e.reason);return r.message=t+": "+r?.message,r}function L(e){if(e.error instanceof SyntaxError&&!/:\d+$/.test(e.error.stack?.trim())){const t=new j(e.message,e.filename,e.lineno,e.colno,e.error.__newrelic);return t.name=SyntaxError.name,t}return H(e.error)?e.error:C(e)}function H(e){return e instanceof Error&&!!e.stack}class M extends b{static featureName=I.T;#r=!1;constructor(e,r=!0){super(e,I.T,r);try{this.removeOnAbort=new AbortController}catch(e){}this.ee.on("internal-error",((e,t)=>{this.abortHandler&&(0,x.p)("ierr",[C(e),(0,S.t)(),!0,{},this.#r,t],void 0,this.featureName,this.ee)})),this.ee.on(t.G4.REPLAY_RUNNING,(e=>{this.#r=e})),p.gm.addEventListener("unhandledrejection",(e=>{this.abortHandler&&(0,x.p)("err",[k(e),(0,S.t)(),!1,{unhandledPromiseRejection:1},this.#r],void 0,this.featureName,this.ee)}),(0,T.jT)(!1,this.removeOnAbort?.signal)),p.gm.addEventListener("error",(e=>{this.abortHandler&&(0,x.p)("err",[L(e),(0,S.t)(),!1,{},this.#r],void 0,this.featureName,this.ee)}),(0,T.jT)(!1,this.removeOnAbort?.signal)),this.abortHandler=this.#n,this.importAggregator(e)}#n(){this.removeOnAbort?.abort(),this.abortHandler=void 0}}var D=i(8990);let K=1;const U="nr@id";function V(e){const t=typeof e;return!e||"object"!==t&&"function"!==t?-1:e===p.gm?0:(0,D.I)(e,U,(function(){return K++}))}function G(e){if("string"==typeof e&&e.length)return e.length;if("object"==typeof e){if("undefined"!=typeof ArrayBuffer&&e instanceof ArrayBuffer&&e.byteLength)return e.byteLength;if("undefined"!=typeof Blob&&e instanceof Blob&&e.size)return e.size;if(!("undefined"!=typeof FormData&&e instanceof FormData))try{return(0,P.A)(e).length}catch(e){return}}}var F=i(8139),B=i(7836),W=i(3434);const z={},q=["open","send"];function Z(t){var r=t||B.ee;const n=function(e){return(e||B.ee).get("xhr")}(r);if(void 0===p.gm.XMLHttpRequest)return n;if(z[n.debugId]++)return n;z[n.debugId]=1,(0,F.u)(r);var i=(0,W.YM)(n),o=p.gm.XMLHttpRequest,a=p.gm.MutationObserver,s=p.gm.Promise,c=p.gm.setInterval,u="readystatechange",d=["onload","onerror","onabort","onloadstart","onloadend","onprogress","ontimeout"],l=[],f=p.gm.XMLHttpRequest=function(t){const r=new o(t),a=n.context(r);try{n.emit("new-xhr",[r],a),r.addEventListener(u,(s=a,function(){var e=this;e.readyState>3&&!s.resolved&&(s.resolved=!0,n.emit("xhr-resolved",[],e)),i.inPlace(e,d,"fn-",y)}),(0,T.jT)(!1))}catch(t){(0,e.R)(15,t);try{n.emit("internal-error",[t])}catch(e){}}var s;return r};function h(e,t){i.inPlace(t,["onreadystatechange"],"fn-",y)}if(function(e,t){for(var r in e)t[r]=e[r]}(o,f),f.prototype=o.prototype,i.inPlace(f.prototype,q,"-xhr-",y),n.on("send-xhr-start",(function(e,t){h(e,t),function(e){l.push(e),a&&(g?g.then(b):c?c(b):(m=-m,v.data=m))}(t)})),n.on("open-xhr-start",h),a){var g=s&&s.resolve();if(!c&&!s){var m=1,v=document.createTextNode(m);new a(b).observe(v,{characterData:!0})}}else r.on("fn-end",(function(e){e[0]&&e[0].type===u||b()}));function b(){for(var e=0;e<l.length;e++)h(0,l[e]);l.length&&(l=[])}function y(e,t){return t}return n}var Y="fetch-",X=Y+"body-",J=["arrayBuffer","blob","json","text","formData"],Q=p.gm.Request,ee=p.gm.Response,te="prototype";const re={};function ne(e){const t=function(e){return(e||B.ee).get("fetch")}(e);if(!(Q&&ee&&p.gm.fetch))return t;if(re[t.debugId]++)return t;function r(e,r,n){var i=e[r];"function"==typeof i&&(e[r]=function(){var e,r=[...arguments],o={};t.emit(n+"before-start",[r],o),o[B.P]&&o[B.P].dt&&(e=o[B.P].dt);var a=i.apply(this,r);return t.emit(n+"start",[r,e],a),a.then((function(e){return t.emit(n+"end",[null,e],a),e}),(function(e){throw t.emit(n+"end",[e],a),e}))})}return re[t.debugId]=1,J.forEach((e=>{r(Q[te],e,X),r(ee[te],e,X)})),r(p.gm,"fetch",Y),t.on(Y+"end",(function(e,r){var n=this;if(r){var i=r.headers.get("content-length");null!==i&&(n.rxSize=i),t.emit(Y+"done",[null,r],n)}else t.emit(Y+"done",[e],n)})),t}var ie=i(7485),oe=i(5603);class ae{constructor(e){this.agentIdentifier=e}generateTracePayload(e){if(!this.shouldGenerateTrace(e))return null;var t=(0,oe.o)(this.agentIdentifier);if(!t)return null;var n=(t.accountID||"").toString()||null,i=(t.agentID||"").toString()||null,o=(t.trustKey||"").toString()||null;if(!n||!i)return null;var a=(0,r.ZF)(),s=(0,r.el)(),c=Date.now(),u={spanId:a,traceId:s,timestamp:c};return(e.sameOrigin||this.isAllowedOrigin(e)&&this.useTraceContextHeadersForCors())&&(u.traceContextParentHeader=this.generateTraceContextParentHeader(a,s),u.traceContextStateHeader=this.generateTraceContextStateHeader(a,c,n,i,o)),(e.sameOrigin&&!this.excludeNewrelicHeader()||!e.sameOrigin&&this.isAllowedOrigin(e)&&this.useNewrelicHeaderForCors())&&(u.newrelicHeader=this.generateTraceHeader(a,s,c,n,i,o)),u}generateTraceContextParentHeader(e,t){return"00-"+t+"-"+e+"-01"}generateTraceContextStateHeader(e,t,r,n,i){return i+"@nr=0-1-"+r+"-"+n+"-"+e+"----"+t}generateTraceHeader(e,t,r,n,i,o){if(!("function"==typeof p.gm?.btoa))return null;var a={v:[0,1],d:{ty:"Browser",ac:n,ap:i,id:e,tr:t,ti:r}};return o&&n!==o&&(a.d.tk=o),btoa((0,P.A)(a))}shouldGenerateTrace(e){return this.isDtEnabled()&&this.isAllowedOrigin(e)}isAllowedOrigin(e){var t=!1,r={};if((0,s.gD)(this.agentIdentifier,"distributed_tracing")&&(r=(0,s.D0)(this.agentIdentifier).distributed_tracing),e.sameOrigin)t=!0;else if(r.allowed_origins instanceof Array)for(var n=0;n<r.allowed_origins.length;n++){var i=(0,ie.D)(r.allowed_origins[n]);if(e.hostname===i.hostname&&e.protocol===i.protocol&&e.port===i.port){t=!0;break}}return t}isDtEnabled(){var e=(0,s.gD)(this.agentIdentifier,"distributed_tracing");return!!e&&!!e.enabled}excludeNewrelicHeader(){var e=(0,s.gD)(this.agentIdentifier,"distributed_tracing");return!!e&&!!e.exclude_newrelic_header}useNewrelicHeaderForCors(){var e=(0,s.gD)(this.agentIdentifier,"distributed_tracing");return!!e&&!1!==e.cors_use_newrelic_header}useTraceContextHeadersForCors(){var e=(0,s.gD)(this.agentIdentifier,"distributed_tracing");return!!e&&!!e.cors_use_tracecontext_headers}}var se=i(9300),ce=i(7295),ue=["load","error","abort","timeout"],de=ue.length,le=(0,R.dV)().o.REQ,fe=(0,R.dV)().o.XHR;class he extends b{static featureName=se.T;constructor(e,t=!0){super(e,se.T,t),this.dt=new ae(e.agentIdentifier),this.handler=(e,t,r,n)=>(0,x.p)(e,t,r,n,this.ee);try{const e={xmlhttprequest:"xhr",fetch:"fetch",beacon:"beacon"};p.gm?.performance?.getEntriesByType("resource").forEach((t=>{if(t.initiatorType in e&&0!==t.responseStatus){const r={status:t.responseStatus},n={rxSize:t.transferSize,duration:Math.floor(t.duration),cbTime:0};pe(r,t.name),this.handler("xhr",[r,n,t.startTime,t.responseEnd,e[t.initiatorType]],void 0,a.K7.ajax)}}))}catch(e){}ne(this.ee),Z(this.ee),function(e,t,r,n){function i(e){var t=this;t.totalCbs=0,t.called=0,t.cbTime=0,t.end=R,t.ended=!1,t.xhrGuids={},t.lastSize=null,t.loadCaptureCalled=!1,t.params=this.params||{},t.metrics=this.metrics||{},e.addEventListener("load",(function(r){E(t,e)}),(0,T.jT)(!1)),p.lR||e.addEventListener("progress",(function(e){t.lastSize=e.loaded}),(0,T.jT)(!1))}function o(e){this.params={method:e[0]},pe(this,e[1]),this.metrics={}}function s(t,r){e.loader_config.xpid&&this.sameOrigin&&r.setRequestHeader("X-NewRelic-ID",e.loader_config.xpid);var i=n.generateTracePayload(this.parsedOrigin);if(i){var o=!1;i.newrelicHeader&&(r.setRequestHeader("newrelic",i.newrelicHeader),o=!0),i.traceContextParentHeader&&(r.setRequestHeader("traceparent",i.traceContextParentHeader),i.traceContextStateHeader&&r.setRequestHeader("tracestate",i.traceContextStateHeader),o=!0),o&&(this.dt=i)}}function c(e,r){var n=this.metrics,i=e[0],o=this;if(n&&i){var a=G(i);a&&(n.txSize=a)}this.startTime=(0,S.t)(),this.body=i,this.listener=function(e){try{"abort"!==e.type||o.loadCaptureCalled||(o.params.aborted=!0),("load"!==e.type||o.called===o.totalCbs&&(o.onloadCalled||"function"!=typeof r.onload)&&"function"==typeof o.end)&&o.end(r)}catch(e){try{t.emit("internal-error",[e])}catch(e){}}};for(var s=0;s<de;s++)r.addEventListener(ue[s],this.listener,(0,T.jT)(!1))}function u(e,t,r){this.cbTime+=e,t?this.onloadCalled=!0:this.called+=1,this.called!==this.totalCbs||!this.onloadCalled&&"function"==typeof r.onload||"function"!=typeof this.end||this.end(r)}function d(e,t){var r=""+V(e)+!!t;this.xhrGuids&&!this.xhrGuids[r]&&(this.xhrGuids[r]=!0,this.totalCbs+=1)}function l(e,t){var r=""+V(e)+!!t;this.xhrGuids&&this.xhrGuids[r]&&(delete this.xhrGuids[r],this.totalCbs-=1)}function f(){this.endTime=(0,S.t)()}function h(e,r){r instanceof fe&&"load"===e[0]&&t.emit("xhr-load-added",[e[1],e[2]],r)}function g(e,r){r instanceof fe&&"load"===e[0]&&t.emit("xhr-load-removed",[e[1],e[2]],r)}function m(e,t,r){t instanceof fe&&("onload"===r&&(this.onload=!0),("load"===(e[0]&&e[0].type)||this.onload)&&(this.xhrCbStart=(0,S.t)()))}function v(e,r){this.xhrCbStart&&t.emit("xhr-cb-time",[(0,S.t)()-this.xhrCbStart,this.onload,r],r)}function b(e){var t,r=e[1]||{};if("string"==typeof e[0]?0===(t=e[0]).length&&p.RI&&(t=""+p.gm.location.href):e[0]&&e[0].url?t=e[0].url:p.gm?.URL&&e[0]&&e[0]instanceof URL?t=e[0].href:"function"==typeof e[0].toString&&(t=e[0].toString()),"string"==typeof t&&0!==t.length){t&&(this.parsedOrigin=(0,ie.D)(t),this.sameOrigin=this.parsedOrigin.sameOrigin);var i=n.generateTracePayload(this.parsedOrigin);if(i&&(i.newrelicHeader||i.traceContextParentHeader))if(e[0]&&e[0].headers)s(e[0].headers,i)&&(this.dt=i);else{var o={};for(var a in r)o[a]=r[a];o.headers=new Headers(r.headers||{}),s(o.headers,i)&&(this.dt=i),e.length>1?e[1]=o:e.push(o)}}function s(e,t){var r=!1;return t.newrelicHeader&&(e.set("newrelic",t.newrelicHeader),r=!0),t.traceContextParentHeader&&(e.set("traceparent",t.traceContextParentHeader),t.traceContextStateHeader&&e.set("tracestate",t.traceContextStateHeader),r=!0),r}}function y(e,t){this.params={},this.metrics={},this.startTime=(0,S.t)(),this.dt=t,e.length>=1&&(this.target=e[0]),e.length>=2&&(this.opts=e[1]);var r,n=this.opts||{},i=this.target;"string"==typeof i?r=i:"object"==typeof i&&i instanceof le?r=i.url:p.gm?.URL&&"object"==typeof i&&i instanceof URL&&(r=i.href),pe(this,r);var o=(""+(i&&i instanceof le&&i.method||n.method||"GET")).toUpperCase();this.params.method=o,this.body=n.body,this.txSize=G(n.body)||0}function w(e,t){if(this.endTime=(0,S.t)(),this.params||(this.params={}),(0,ce.iW)(this.params))return;let n;this.params.status=t?t.status:0,"string"==typeof this.rxSize&&this.rxSize.length>0&&(n=+this.rxSize);const i={txSize:this.txSize,rxSize:n,duration:(0,S.t)()-this.startTime};r("xhr",[this.params,i,this.startTime,this.endTime,"fetch"],this,a.K7.ajax)}function R(e){const t=this.params,n=this.metrics;if(!this.ended){this.ended=!0;for(let t=0;t<de;t++)e.removeEventListener(ue[t],this.listener,!1);t.aborted||(0,ce.iW)(t)||(n.duration=(0,S.t)()-this.startTime,this.loadCaptureCalled||4!==e.readyState?null==t.status&&(t.status=0):E(this,e),n.cbTime=this.cbTime,r("xhr",[t,n,this.startTime,this.endTime,"xhr"],this,a.K7.ajax))}}function E(e,r){e.params.status=r.status;var n=function(e,t){var r=e.responseType;return"json"===r&&null!==t?t:"arraybuffer"===r||"blob"===r||"json"===r?G(e.response):"text"===r||""===r||void 0===r?G(e.responseText):void 0}(r,e.lastSize);if(n&&(e.metrics.rxSize=n),e.sameOrigin){var i=r.getResponseHeader("X-NewRelic-App-Data");i&&((0,x.p)(_.rs,["Ajax/CrossApplicationTracing/Header/Seen"],void 0,a.K7.metrics,t),e.params.cat=i.split(", ").pop())}e.loadCaptureCalled=!0}t.on("new-xhr",i),t.on("open-xhr-start",o),t.on("open-xhr-end",s),t.on("send-xhr-start",c),t.on("xhr-cb-time",u),t.on("xhr-load-added",d),t.on("xhr-load-removed",l),t.on("xhr-resolved",f),t.on("addEventListener-end",h),t.on("removeEventListener-end",g),t.on("fn-end",v),t.on("fetch-before-start",b),t.on("fetch-start",y),t.on("fn-start",m),t.on("fetch-done",w)}(e,this.ee,this.handler,this.dt),this.importAggregator(e)}}function pe(e,t){var r=(0,ie.D)(t),n=e.params||e;n.hostname=r.hostname,n.port=r.port,n.protocol=r.protocol,n.host=r.hostname+":"+r.port,n.pathname=r.pathname,e.parsedOrigin=r,e.sameOrigin=r.sameOrigin}const ge={},me=["pushState","replaceState"];function ve(e){const t=function(e){return(e||B.ee).get("history")}(e);return!p.RI||ge[t.debugId]++||(ge[t.debugId]=1,(0,W.YM)(t).inPlace(window.history,me,"-")),t}var be=i(3738);const{He:ye,bD:we,d3:Re,Kp:xe,TZ:Ee,Lc:Te,uP:Ae,Rz:Se}=be;class Ne extends b{static featureName=Ee;constructor(e,t=!0){super(e,Ee,t);if(!(0,m.V)(this.agentIdentifier))return void this.deregisterDrain();const r=this.ee;let n;ve(r),this.eventsEE=(0,F.u)(r),this.eventsEE.on(Ae,(function(e,t){this.bstStart=(0,S.t)()})),this.eventsEE.on(Te,(function(e,t){(0,x.p)("bst",[e[0],t,this.bstStart,(0,S.t)()],void 0,a.K7.sessionTrace,r)})),r.on(Se+Re,(function(e){this.time=(0,S.t)(),this.startPath=location.pathname+location.hash})),r.on(Se+xe,(function(e){(0,x.p)("bstHist",[location.pathname+location.hash,this.startPath,this.time],void 0,a.K7.sessionTrace,r)}));try{n=new PerformanceObserver((e=>{const t=e.getEntries();(0,x.p)(ye,[t],void 0,a.K7.sessionTrace,r)})),n.observe({type:we,buffered:!0})}catch(e){}this.importAggregator(e,{resourceObserver:n})}}var _e=i(2614);class Oe extends b{static featureName=t.TZ;#i;#o;constructor(e,r=!0){let n;super(e,t.TZ,r),this.replayRunning=!1,this.#o=e;try{n=JSON.parse(localStorage.getItem("".concat(_e.H3,"_").concat(_e.uh)))}catch(e){}(0,g.SR)(e.agentIdentifier)&&this.ee.on(t.G4.RECORD,(()=>this.#a())),this.#s(n)?(this.#i=n?.sessionReplayMode,this.#c()):this.importAggregator(e),this.ee.on("err",(e=>{this.replayRunning&&(this.errorNoticed=!0,(0,x.p)(t.G4.ERROR_DURING_REPLAY,[e],void 0,this.featureName,this.ee))})),this.ee.on(t.G4.REPLAY_RUNNING,(e=>{this.replayRunning=e}))}#s(e){return e&&(e.sessionReplayMode===_e.g.FULL||e.sessionReplayMode===_e.g.ERROR)||(0,g.Aw)(this.agentIdentifier)}#u=!1;async#c(e){if(!this.#u){this.#u=!0;try{const{Recorder:t}=await Promise.all([i.e(478),i.e(249)]).then(i.bind(i,8589));this.recorder??=new t({mode:this.#i,agentIdentifier:this.agentIdentifier,trigger:e,ee:this.ee,agentRef:this.#o}),this.recorder.startRecording(),this.abortHandler=this.recorder.stopRecording}catch(e){}this.importAggregator(this.#o,{recorder:this.recorder,errorNoticed:this.errorNoticed})}}#a(){this.featAggregate?this.featAggregate.mode!==_e.g.FULL&&this.featAggregate.initializeRecording(_e.g.FULL,!0):(this.#i=_e.g.FULL,this.#c(t.Qb.API),this.recorder&&this.recorder.parent.mode!==_e.g.FULL&&(this.recorder.parent.mode=_e.g.FULL,this.recorder.stopRecording(),this.recorder.startRecording(),this.abortHandler=this.recorder.stopRecording))}}var Ie=i(3962);class Pe extends b{static featureName=Ie.TZ;constructor(e,t=!0){if(super(e,Ie.TZ,t),!p.RI||!(0,R.dV)().o.MO)return;const r=ve(this.ee);Ie.tC.forEach((e=>{(0,T.sp)(e,(e=>{a(e)}),!0)}));const n=()=>(0,x.p)("newURL",[(0,S.t)(),""+window.location],void 0,this.featureName,this.ee);r.on("pushState-end",n),r.on("replaceState-end",n);try{this.removeOnAbort=new AbortController}catch(e){}(0,T.sp)("popstate",(e=>(0,x.p)("newURL",[e.timeStamp,""+window.location],void 0,this.featureName,this.ee)),!0,this.removeOnAbort?.signal);let i=!1;const o=new((0,R.dV)().o.MO)(((e,t)=>{i||(i=!0,requestAnimationFrame((()=>{(0,x.p)("newDom",[(0,S.t)()],void 0,this.featureName,this.ee),i=!1})))})),a=(0,v.s)((e=>{(0,x.p)("newUIEvent",[e],void 0,this.featureName,this.ee),o.observe(document.body,{attributes:!0,childList:!0,subtree:!0,characterData:!0})}),100,{leading:!0});this.abortHandler=function(){this.removeOnAbort?.abort(),o.disconnect(),this.abortHandler=void 0},this.importAggregator(e,{domObserver:o})}}var je=i(7378);const Ce={},ke=["appendChild","insertBefore","replaceChild"];function Le(e){const t=function(e){return(e||B.ee).get("jsonp")}(e);if(!p.RI||Ce[t.debugId])return t;Ce[t.debugId]=!0;var r=(0,W.YM)(t),n=/[?&](?:callback|cb)=([^&#]+)/,i=/(.*)\.([^.]+)/,o=/^(\w+)(\.|$)(.*)$/;function a(e,t){if(!e)return t;const r=e.match(o),n=r[1];return a(r[3],t[n])}return r.inPlace(Node.prototype,ke,"dom-"),t.on("dom-start",(function(e){!function(e){if(!e||"string"!=typeof e.nodeName||"script"!==e.nodeName.toLowerCase())return;if("function"!=typeof e.addEventListener)return;var o=(s=e.src,c=s.match(n),c?c[1]:null);var s,c;if(!o)return;var u=function(e){var t=e.match(i);if(t&&t.length>=3)return{key:t[2],parent:a(t[1],window)};return{key:e,parent:window}}(o);if("function"!=typeof u.parent[u.key])return;var d={};function l(){t.emit("jsonp-end",[],d),e.removeEventListener("load",l,(0,T.jT)(!1)),e.removeEventListener("error",f,(0,T.jT)(!1))}function f(){t.emit("jsonp-error",[],d),t.emit("jsonp-end",[],d),e.removeEventListener("load",l,(0,T.jT)(!1)),e.removeEventListener("error",f,(0,T.jT)(!1))}r.inPlace(u.parent,[u.key],"cb-",d),e.addEventListener("load",l,(0,T.jT)(!1)),e.addEventListener("error",f,(0,T.jT)(!1)),t.emit("new-jsonp",[e.src],d)}(e[0])})),t}const He={};function Me(e){const t=function(e){return(e||B.ee).get("promise")}(e);if(He[t.debugId])return t;He[t.debugId]=!0;var r=t.context,n=(0,W.YM)(t),i=p.gm.Promise;return i&&function(){function e(r){var o=t.context(),a=n(r,"executor-",o,null,!1);const s=Reflect.construct(i,[a],e);return t.context(s).getCtx=function(){return o},s}p.gm.Promise=e,Object.defineProperty(e,"name",{value:"Promise"}),e.toString=function(){return i.toString()},Object.setPrototypeOf(e,i),["all","race"].forEach((function(r){const n=i[r];e[r]=function(e){let i=!1;[...e||[]].forEach((e=>{this.resolve(e).then(a("all"===r),a(!1))}));const o=n.apply(this,arguments);return o;function a(e){return function(){t.emit("propagate",[null,!i],o,!1,!1),i=i||!e}}}})),["resolve","reject"].forEach((function(r){const n=i[r];e[r]=function(e){const r=n.apply(this,arguments);return e!==r&&t.emit("propagate",[e,!0],r,!1,!1),r}})),e.prototype=i.prototype;const o=i.prototype.then;i.prototype.then=function(...e){var i=this,a=r(i);a.promise=i,e[0]=n(e[0],"cb-",a,null,!1),e[1]=n(e[1],"cb-",a,null,!1);const s=o.apply(this,e);return a.nextPromise=s,t.emit("propagate",[i,!0],s,!1,!1),s},i.prototype.then[W.Jt]=o,t.on("executor-start",(function(e){e[0]=n(e[0],"resolve-",this,null,!1),e[1]=n(e[1],"resolve-",this,null,!1)})),t.on("executor-err",(function(e,t,r){e[1](r)})),t.on("cb-end",(function(e,r,n){t.emit("propagate",[n,!0],this.nextPromise,!1,!1)})),t.on("propagate",(function(e,r,n){this.getCtx&&!r||(this.getCtx=function(){if(e instanceof Promise)var r=t.context(e);return r&&r.getCtx?r.getCtx():this})}))}(),t}const De={},Ke="setTimeout",Ue="setInterval",Ve="clearTimeout",Ge="-start",Fe=[Ke,"setImmediate",Ue,Ve,"clearImmediate"];function Be(e){const t=function(e){return(e||B.ee).get("timer")}(e);if(De[t.debugId]++)return t;De[t.debugId]=1;var r=(0,W.YM)(t);return r.inPlace(p.gm,Fe.slice(0,2),Ke+"-"),r.inPlace(p.gm,Fe.slice(2,3),Ue+"-"),r.inPlace(p.gm,Fe.slice(3),Ve+"-"),t.on(Ue+Ge,(function(e,t,n){e[0]=r(e[0],"fn-",null,n)})),t.on(Ke+Ge,(function(e,t,n){this.method=n,this.timerDuration=isNaN(e[1])?0:+e[1],e[0]=r(e[0],"fn-",this,n)})),t}const We={};function ze(e){const t=function(e){return(e||B.ee).get("mutation")}(e);if(!p.RI||We[t.debugId])return t;We[t.debugId]=!0;var r=(0,W.YM)(t),n=p.gm.MutationObserver;return n&&(window.MutationObserver=function(e){return this instanceof n?new n(r(e,"fn-")):n.apply(this,arguments)},MutationObserver.prototype=n.prototype),t}const{TZ:qe,d3:Ze,Kp:Ye,$p:Xe,wW:$e,e5:Je,tH:Qe,uP:et,rw:tt,Lc:rt}=je;class nt extends b{static featureName=qe;constructor(e,t=!0){if(super(e,qe,t),!p.RI)return;try{this.removeOnAbort=new AbortController}catch(e){}let r,n=0;const i=this.ee.get("tracer"),o=Le(this.ee),a=Me(this.ee),s=Be(this.ee),c=Z(this.ee),u=this.ee.get("events"),d=ne(this.ee),l=ve(this.ee),f=ze(this.ee);function h(e,t){l.emit("newURL",[""+window.location,t])}function g(){n++,r=window.location.hash,this[et]=(0,S.t)()}function m(){n--,window.location.hash!==r&&h(0,!0);var e=(0,S.t)();this[Je]=~~this[Je]+e-this[et],this[rt]=e}function v(e,t){e.on(t,(function(){this[t]=(0,S.t)()}))}this.ee.on(et,g),a.on(tt,g),o.on(tt,g),this.ee.on(rt,m),a.on($e,m),o.on($e,m),this.ee.on("fn-err",((...t)=>{t[2]?.__newrelic?.[e.agentIdentifier]||(0,x.p)("function-err",[...t],void 0,this.featureName,this.ee)})),this.ee.buffer([et,rt,"xhr-resolved"],this.featureName),u.buffer([et],this.featureName),s.buffer(["setTimeout"+Ye,"clearTimeout"+Ze,et],this.featureName),c.buffer([et,"new-xhr","send-xhr"+Ze],this.featureName),d.buffer([Qe+Ze,Qe+"-done",Qe+Xe+Ze,Qe+Xe+Ye],this.featureName),l.buffer(["newURL"],this.featureName),f.buffer([et],this.featureName),a.buffer(["propagate",tt,$e,"executor-err","resolve"+Ze],this.featureName),i.buffer([et,"no-"+et],this.featureName),o.buffer(["new-jsonp","cb-start","jsonp-error","jsonp-end"],this.featureName),v(d,Qe+Ze),v(d,Qe+"-done"),v(o,"new-jsonp"),v(o,"jsonp-end"),v(o,"cb-start"),l.on("pushState-end",h),l.on("replaceState-end",h),window.addEventListener("hashchange",h,(0,T.jT)(!0,this.removeOnAbort?.signal)),window.addEventListener("load",h,(0,T.jT)(!0,this.removeOnAbort?.signal)),window.addEventListener("popstate",(function(){h(0,n>1)}),(0,T.jT)(!0,this.removeOnAbort?.signal)),this.abortHandler=this.#n,this.importAggregator(e)}#n(){this.removeOnAbort?.abort(),this.abortHandler=void 0}}var it=i(3333);class ot extends b{static featureName=it.TZ;constructor(e,t=!0){super(e,it.TZ,t);const r=[e.init.page_action.enabled,e.init.performance.capture_marks,e.init.performance.capture_measures,e.init.user_actions.enabled,e.init.performance.resources.enabled];if(p.RI&&(e.init.user_actions.enabled&&(it.Zp.forEach((e=>(0,T.sp)(e,(e=>(0,x.p)("ua",[e],void 0,this.featureName,this.ee)),!0))),it.qN.forEach((e=>{const t=(0,v.s)((e=>{(0,x.p)("ua",[e],void 0,this.featureName,this.ee)}),500,{leading:!0});(0,T.sp)(e,t)}))),e.init.performance.resources.enabled&&p.gm.PerformanceObserver?.supportedEntryTypes.includes("resource"))){new PerformanceObserver((e=>{e.getEntries().forEach((e=>{(0,x.p)("browserPerformance.resource",[e],void 0,this.featureName,this.ee)}))})).observe({type:"resource",buffered:!0})}r.some((e=>e))?this.importAggregator(e):this.deregisterDrain()}}var at=i(993),st=i(3785);class ct extends b{static featureName=at.TZ;constructor(e,t=!0){super(e,at.TZ,t);const r=this.ee;this.ee.on("wrap-logger-end",(function([e]){const{level:t,customAttributes:n}=this;(0,st.R)(r,e,n,t)})),this.importAggregator(e)}}new class extends o{constructor(t){super(),p.gm?(this.features={},(0,R.bQ)(this.agentIdentifier,this),this.desiredFeatures=new Set(t.features||[]),this.desiredFeatures.add(w),this.runSoftNavOverSpa=[...this.desiredFeatures].some((e=>e.featureName===a.K7.softNav)),(0,d.j)(this,t,t.loaderType||"agent"),this.run()):(0,e.R)(21)}get config(){return{info:this.info,init:this.init,loader_config:this.loader_config,runtime:this.runtime}}run(){try{const t=u(this.agentIdentifier),r=[...this.desiredFeatures];r.sort(((e,t)=>a.P3[e.featureName]-a.P3[t.featureName])),r.forEach((r=>{if(!t[r.featureName]&&r.featureName!==a.K7.pageViewEvent)return;if(this.runSoftNavOverSpa&&r.featureName===a.K7.spa)return;if(!this.runSoftNavOverSpa&&r.featureName===a.K7.softNav)return;const n=function(e){switch(e){case a.K7.ajax:return[a.K7.jserrors];case a.K7.sessionTrace:return[a.K7.ajax,a.K7.pageViewEvent];case a.K7.sessionReplay:return[a.K7.sessionTrace];case a.K7.pageViewTiming:return[a.K7.pageViewEvent];default:return[]}}(r.featureName).filter((e=>!(e in this.features)));n.length>0&&(0,e.R)(36,{targetFeature:r.featureName,missingDependencies:n}),this.features[r.featureName]=new r(this)}))}catch(t){(0,e.R)(22,t);for(const e in this.features)this.features[e].abortHandler?.();const r=(0,R.Zm)();delete r.initializedAgents[this.agentIdentifier]?.api,delete r.initializedAgents[this.agentIdentifier]?.features,delete this.sharedAggregator;return r.ee.get(this.agentIdentifier).abort(),!1}}}({features:[he,w,N,Ne,Oe,O,M,ot,ct,Pe,nt],loaderType:"spa"})})()})();</script> <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= 'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-MGR7P8X');</script> <script async src="https://www.googletagmanager.com/gtag/js?id=G-B1V8SZE3GL"></script> <script>window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-B1V8SZE3GL');</script> <script>(function(){var a=window.mutiny=window.mutiny||{};if(!window.mutiny.client){a.client={_queue:{}};var b=["identify","trackConversion"];var c=[].concat(b,["defaultOptOut","optOut","optIn"]);var d=function factory(c){return function(){for(var d=arguments.length,e=new Array(d),f=0;f<d;f++){e[f]=arguments[f]}a.client._queue[c]=a.client._queue[c]||[];if(b.includes(c)){return new Promise(function(b,d){a.client._queue[c].push({args:e,resolve:b,reject:d})})}else{a.client._queue[c].push({args:e})}}};c.forEach(function(b){a.client[b]=d(b)})}})();</script> <script data-cfasync="false" src="https://client-registry.mutinycdn.com/personalize/client/d454424c4514a20a.js"></script> <meta charset="utf-8" /> <meta name="description" content="Learn all about account takeover fraud and compromise, including the definition, how it happens, what increases your vulnerability, and account takeover prevention." /> <link rel="canonical" href="https://www.proofpoint.com/us/threat-reference/account-takeover-fraud" /> <link rel="shortlink" href="https://www.proofpoint.com/us/threat-reference/account-takeover-fraud" /> <link rel="icon" href="/themes/custom/proofpoint/apps/drupal/favicon.ico" /> <link rel="mask-icon" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon.svg" /> <link rel="icon" sizes="16x16" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-16x16.png" /> <link rel="icon" sizes="32x32" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-32x32.png" /> <link rel="icon" sizes="96x96" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-96x96.png" /> <link rel="icon" sizes="192x192" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-192x192.png" /> <link rel="apple-touch-icon" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-60x60.png" /> <link rel="apple-touch-icon" sizes="72x72" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-72x72.png" /> <link rel="apple-touch-icon" sizes="76x76" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-76x76.png" /> <link rel="apple-touch-icon" sizes="114x114" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-114x114.png" /> <link rel="apple-touch-icon" sizes="120x120" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-120x120.png" /> <link rel="apple-touch-icon" sizes="144x144" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-144x144.png" /> <link rel="apple-touch-icon" sizes="152x152" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-152x152.png" /> <link rel="apple-touch-icon" sizes="180x180" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-180x180.png" /> <link rel="apple-touch-icon-precomposed" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-57x57.png" /> <link rel="apple-touch-icon-precomposed" sizes="72x72" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-72x72.png" /> <link rel="apple-touch-icon-precomposed" sizes="76x76" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-76x76.png" /> <link rel="apple-touch-icon-precomposed" sizes="114x114" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-114x114.png" /> <link rel="apple-touch-icon-precomposed" sizes="120x120" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-120x120.png" /> <link rel="apple-touch-icon-precomposed" sizes="144x144" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-144x144.png" /> <link rel="apple-touch-icon-precomposed" sizes="152x152" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-152x152.png" /> <link rel="apple-touch-icon-precomposed" sizes="180x180" href="/themes/custom/proofpoint/apps/drupal/images/favicons/favicon-180x180.png" /> <meta property="og:site_name" content="Proofpoint" /> <meta property="og:type" content="website" /> <meta property="og:url" content="https://www.proofpoint.com/us/threat-reference/account-takeover-fraud" /> <meta property="og:title" content="What Is Account Takeover Fraud (ATO)? Prevention & More | Proofpoint US" /> <meta property="og:description" content="Learn all about account takeover fraud and compromise, including the definition, how it happens, what increases your vulnerability, and account takeover prevention." /> <meta property="og:image" content="" /> <meta property="og:image:url" content="" /> <meta property="og:image:secure_url" content="" /> <meta property="article:published_time" content="2021-02-26T17:28:16-08:00" /> <meta property="article:modified_time" content="2024-05-09T07:47:49-07:00" /> <meta name="twitter:card" content="summary_large_image" /> <meta name="twitter:description" content="Learn all about account takeover fraud and compromise, including the definition, how it happens, what increases your vulnerability, and account takeover prevention." /> <meta name="twitter:site" content="@proofpoint" /> <meta name="twitter:title" content="What Is Account Takeover Fraud (ATO)? Prevention & More | Proofpoint US" /> <meta name="twitter:url" content="https://www.proofpoint.com/us/threat-reference/account-takeover-fraud" /> <meta name="twitter:image" content="" /> <link rel="alternate" hreflang="en-us" href="https://www.proofpoint.com/us/threat-reference/account-takeover-fraud" /> <script data-cfasync="false" type="text/javascript" id="vwoCode">window._vwo_code=window._vwo_code || (function() { var account_id=1002484, version=1.3, settings_tolerance=2000, library_tolerance=2500,z use_existing_jquery=false, is_spa=1, hide_element='body', /* DO NOT EDIT BELOW THIS LINE */ f=false,d=document,code={use_existing_jquery:function(){return use_existing_jquery},library_tolerance:function(){return library_tolerance},finish:function(){if(!f){f=true;var e=d.getElementById('_vis_opt_path_hides');if(e)e.parentNode.removeChild(e)}},finished:function(){return f},load:function(e){var t=d.createElement('script');t.fetchPriority='high';t.src=e;t.type='text/javascript';t.innerText;t.onerror=function(){_vwo_code.finish()};d.getElementsByTagName('head')[0].appendChild(t)},init:function(){window.settings_timer=setTimeout(function(){_vwo_code.finish()},settings_tolerance);var e=d.createElement('style'),t=hide_element?hide_element+'{opacity:0 !important;filter:alpha(opacity=0) !important;background:none !important;}':'',i=d.getElementsByTagName('head')[0];e.setAttribute('id','_vis_opt_path_hides');e.setAttribute('nonce',document.querySelector('#vwoCode').nonce);e.setAttribute('type','text/css');if(e.styleSheet)e.styleSheet.cssText=t;else e.appendChild(d.createTextNode(t));i.appendChild(e);this.load('https://dev.visualwebsiteoptimizer.com/j.php?a='+account_id+'&u='+encodeURIComponent(d.URL)+'&f='+ +is_spa+'&vn='+version);return settings_timer}};window._vwo_settings_timer = code.init();return code;}());</script> <meta name="facebook-domain-verification" content="l349mr2tyecyl7w3a1146378lqxru1" /> <meta name="MobileOptimized" content="width" /> <meta name="HandheldFriendly" content="true" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <link rel="preload" href="/themes/custom/proofpoint/dist/app-drupal/assets/fonts/proofpoint.woff2" as="font" crossorigin="anonymous" /> <link rel="preload" href="/themes/custom/proofpoint/dist/app-drupal/assets/fonts/RobotoCondensed-Regular-webfont.woff" as="font" crossorigin="anonymous" /> <link rel="preload" href="/themes/custom/proofpoint/dist/app-drupal/assets/fonts/fjalla-one-v7-latin-regular.woff" as="font" crossorigin="anonymous" /> <link rel="preload" href="/themes/custom/proofpoint/dist/app-drupal/assets/fonts/fjalla-one-v7-latin-regular.woff2" as="font" crossorigin="anonymous" /> <link rel="preload" href="/themes/custom/proofpoint/dist/app-drupal/assets/fonts/RobotoCondensed-Bold-webfont.woff" as="font" crossorigin="anonymous" /> <link rel="alternate" hreflang="en-gb" href="https://www.proofpoint.com/uk/threat-reference/account-takeover-fraud" /> <link rel="alternate" hreflang="fr" href="https://www.proofpoint.com/fr/threat-reference/account-takeover-fraud" /> <link rel="alternate" hreflang="de" href="https://www.proofpoint.com/de/threat-reference/account-takeover-fraud" /> <link rel="alternate" hreflang="es" href="https://www.proofpoint.com/es/threat-reference/account-takeover-fraud" /> <link rel="alternate" hreflang="ja" href="https://www.proofpoint.com/jp/threat-reference/account-takeover-fraud" /> <link rel="alternate" hreflang="en-au" href="https://www.proofpoint.com/au/threat-reference/account-takeover-fraud" /> <link rel="alternate" hreflang="it" href="https://www.proofpoint.com/it/threat-reference/account-takeover-fraud" /> <title>What Is Account Takeover Fraud (ATO)? Prevention & More | Proofpoint US</title> <link rel="stylesheet" media="all" href="/sites/default/files/css/css_bz39HiNKhJHfSWRdMAywL6QI0qApb1G3wt-hOYnEkl0.css?delta=0&language=en&theme=particle&include=eJx1kUtuBDEIRC80TC9yIuxm3FZosACPMreP81HsXmRl8UCuoghVTmhb_Lw3f3nQuSV0ujW0qJlpy2pLVVQLEzxUwid9qAYZPN-WQVZ3tBeI7pffJEgCGhayiQ_CvUqZINkg2fqZvmWwGLbDt916Q75Pcu_SeuLqB-2LSiAkFFklhqGEDMR00sW8N8yLw8RawHvybDUt_A_BmMjvs2Hk2i2T_9eAOlK9Cswq6CMgK_dT1kAJoxvtgO4UCzciCKtjkYZCvCZo-rvz5Q5fyQ4k-PwEwjG-bw" /> <link rel="stylesheet" media="all" href="/sites/default/files/css/css_lWJnYsJV2qqB3rKV4KV3G9ESYWfcMJXjU42DbM2UyzI.css?delta=1&language=en&theme=particle&include=eJx1kUtuBDEIRC80TC9yIuxm3FZosACPMreP81HsXmRl8UCuoghVTmhb_Lw3f3nQuSV0ujW0qJlpy2pLVVQLEzxUwid9qAYZPN-WQVZ3tBeI7pffJEgCGhayiQ_CvUqZINkg2fqZvmWwGLbDt916Q75Pcu_SeuLqB-2LSiAkFFklhqGEDMR00sW8N8yLw8RawHvybDUt_A_BmMjvs2Hk2i2T_9eAOlK9Cswq6CMgK_dT1kAJoxvtgO4UCzciCKtjkYZCvCZo-rvz5Q5fyQ4k-PwEwjG-bw" /> <script src="/sites/default/files/js/js_jJku_dBSpGBzL-Q1wGMXOurNyXAM2fLpoxg9V9CAkMA.js?scope=header&delta=0&language=en&theme=particle&include=eJxNjFEOwjAMQy_EFPHHbaY0mDZam1RZen-YhASf9vPznLveH0adrS6u2J5ISHrc5twHx4F0GsukHWpXd4JDGq3Ufl45GwYo3Xvhj8SRKh0kHvjDXIxLUau_xfd8e3mMN5xAM9U"></script> </head> <body class="path-node user-anonymous"> <a href="#main-content" class="visually-hidden focusable"> Skip to main content </a> <div class="limit-width-wrapper"> <div class="dialog-off-canvas-main-canvas" data-off-canvas-main-canvas> <div class="header-nav__spacer"></div> <div class="header-nav js-is-top"> <div class="header-nav__extra"> <div class="header-nav__extra-wrap"> <div class="header-nav__top-language" data-open="content:x_lng"> <span>English (Americas)</span> </div> <div class="header-nav__actions"> <div class="header-nav__top-search" data-open="content:x_sch"> <span>Search</span> </div> <div class="header-nav__top-login" data-open="content:x_lgn"> <span>Login</span> </div> </div> </div> </div> <div class="header-nav__main"> <div class="header-nav__main-wrap"> <div class="header-nav__expand" data-open="home"></div> <ul class="header-nav__top-links"> <li class="header-nav__top-link"> <div data-open="content:platform_panel" class="header-nav__top-link-text"> Platform </div> </li> <li class="header-nav__top-link"> <div data-open="content:products_panel" class="header-nav__top-link-text"> Products </div> </li> <li class="header-nav__top-link"> <div data-open="content:solutions_panel" class="header-nav__top-link-text"> Solutions </div> </li> </ul> <a href="/us" class="header-nav__logo">Proofpoint</a> <div class="header-nav__buttons"> <a href=/us/contact class="global-elements__cta-button--outline header-nav__button" > <span>Contact</span> <div class="global-elements__cta-button--arrow-wrapper"></div> </a> </div> <div class="header-nav__mobile-actions"> <div class="header-nav__mobile-search" data-open="content:x_sch">Search</div> <div class="header-nav__mobile-menu" data-open="home"></div> </div> </div> </div> </div> <div class="header-nav__menu"> <div class="header-nav__menu-wrapper"> <div class="header-nav__menu-close"></div> <div class="header-nav__menu-pane" data-home={true}> <ul class="header-nav__home-links"> <li class="header-nav__home-link" data-open="content:platform_panel" ><span>Platform</span></li> <li class="header-nav__home-link" data-open="content:products_panel" ><span>Products</span></li> <li class="header-nav__home-link" data-open="content:solutions_panel" ><span>Solutions</span></li> <li class="header-nav__home-link" data-open="content:partners_panel" ><span>Partners</span></li> <li class="header-nav__home-link" data-open="content:resources_panel" ><span>Resources</span></li> <li class="header-nav__home-link" data-open="content:company_panel" ><span>Company</span></li> </ul> <div class="header-nav__menu-extras"> <div class="header-nav__menu-search" data-open="content:x_sch">Search</div> <div class="header-nav__menu-login" data-open="content:x_lgn">Login</div> <div class="header-nav__menu-language" data-open="content:x_lng">English (Americas)</div> </div> </div> <div class="header-nav__menu-pane" data-sublinks="Platform"> <div class="header-nav__sublinks"> <div class="header-nav__expand-title">Platform</div> <ul class="header-nav__expand-links"> </ul> </div> </div> <div class="header-nav__menu-pane" data-sublinks="Products"> <div class="header-nav__sublinks"> <div class="header-nav__expand-title">Products</div> <ul class="header-nav__expand-links"> </ul> </div> </div> <div class="header-nav__menu-pane" data-sublinks="Solutions"> <div class="header-nav__sublinks"> <div class="header-nav__expand-title">Solutions</div> <ul class="header-nav__expand-links"> </ul> </div> </div> <div class="header-nav__menu-pane" data-sublinks="Partners"> <div class="header-nav__sublinks"> <div class="header-nav__expand-title">Partners</div> <ul class="header-nav__expand-links"> </ul> </div> </div> <div class="header-nav__menu-pane" data-sublinks="Resources"> <div class="header-nav__sublinks"> <div class="header-nav__expand-title">Resources</div> <ul class="header-nav__expand-links"> </ul> </div> </div> <div class="header-nav__menu-pane" data-sublinks="Company"> <div class="header-nav__sublinks"> <div class="header-nav__expand-title">Company</div> <ul class="header-nav__expand-links"> </ul> </div> </div> <div class="header-nav__menu-pane" data-content="products_panel"> <div class="header-nav__content"> <a href="/us/products/protect-people" class="header-nav__content-link-group-anchor"> <div class="header-nav__content-link-group"> <div class="header-nav__content-group-title">Protect People</div> <div class="header-nav__content-group-desc">Multi-layered, adaptive defenses for threat detection, impersonation, and supplier risk.</div> </div> </a> <div class="header-nav__content-link"> <a href="/us/products/threat-defense" class="header-nav__content-link-text">Email Security</a> </div> <div class="header-nav__content-link"> <a href="/us/products/impersonation-protection" class="header-nav__content-link-text">Impersonation Protection</a> </div> <div class="header-nav__content-link"> <a href="#" class="header-nav__content-link-text" data-open="content:products_more_tp_products_panel">More products</a> </div> <a href="/us/products/defend-data" class="header-nav__content-link-group-anchor"> <div class="header-nav__content-link-group"> <div class="header-nav__content-group-title">Defend Data</div> <div class="header-nav__content-group-desc">Transform your information protection with a human-centric, omni-channel approach.</div> </div> </a> <div class="header-nav__content-link"> <a href="/us/products/data-security-posture-management" class="header-nav__content-link-text">Data Security Posture Management</a> </div> <div class="header-nav__content-link"> <a href="/us/products/data-loss-prevention" class="header-nav__content-link-text">Enterprise DLP</a> </div> <div class="header-nav__content-link"> <a href="/us/products/adaptive-email-dlp" class="header-nav__content-link-text">Adaptive Email DLP</a> </div> <div class="header-nav__content-link"> <a href="/us/products/insider-threat-management" class="header-nav__content-link-text">Insider Threat Management</a> </div> <div class="header-nav__content-link"> <a href="/us/products/digital-communications-governance" class="header-nav__content-link-text">Digital Communications Governance</a> </div> <div class="header-nav__content-link-group"> <div class="header-nav__content-group-title">Mitigate Human Risk</div> <div class="header-nav__content-group-desc">Unlock full user risk visibility and drive behavior change.</div> </div> <div class="header-nav__content-link"> <a href="/us/products/mitigate-human-risk" class="header-nav__content-link-text">Security Awareness</a> </div> <div class="header-nav__content-link-group"> <div class="header-nav__content-group-title">Augment Your Capabilities</div> </div> <div class="header-nav__content-link"> <a href="/us/products/premium-services" class="header-nav__content-link-text">Managed Services</a> </div> <div class="header-nav__content-link"> <a href="/us/products/packages" class="header-nav__content-link-text">Product Packages</a> </div> <div class="header-nav__content-link-spacer"></div> </div> </div> <div class="header-nav__menu-pane" data-content="products_more_tp_products_panel"> <div class="header-nav__content"> <div class="header-nav__content-heading">More Protect People Products</div> <div class="header-nav__content-link"> <a href="/us/products/identity-protection" class="header-nav__content-link-text">Account Take-Over and Identity Protection</a> <div class="header-nav__content-link-desc">Secure vulnerable identities, stop lateral movement and privilege escalation.</div> </div> <div class="header-nav__content-link"> <a href="/us/products/adaptive-email-security" class="header-nav__content-link-text">Adaptive Email Security</a> <div class="header-nav__content-link-desc">Stop more threats with a fully integrated layer of behavioral AI.</div> </div> <div class="header-nav__content-link"> <a href="/us/products/email-protection/email-fraud-defense" class="header-nav__content-link-text">Email Fraud Defense</a> <div class="header-nav__content-link-desc">Protect your brand reputation, increase deliverability and identify lookalikes of your domains.</div> </div> <div class="header-nav__content-link"> <a href="/us/products/email-security-and-protection/secure-email-relay" class="header-nav__content-link-text">Secure Email Relay</a> <div class="header-nav__content-link-desc">Secure your application email and accelerate DMARC implementation.</div> </div> </div> </div> <div class="header-nav__menu-pane" data-content="solutions_panel"> <div class="header-nav__content"> <div class="header-nav__content-link-group"> <div class="header-nav__content-group-title">Solutions by Use Case</div> <div class="header-nav__content-group-desc">How Proofpoint protects your people and data.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/ensure-acceptable-genai-use" class="header-nav__content-link-text">Ensure Acceptable GenAI Use</a> <div class="header-nav__content-link-desc">Empower your workforce with safe GenAI practices.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/email-authentication-with-dmarc" class="header-nav__content-link-text">Authenticate Your Email</a> <div class="header-nav__content-link-desc">Protect your email deliverability with DMARC.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/combat-email-and-cloud-threats" class="header-nav__content-link-text">Combat Email and Cloud Threats</a> <div class="header-nav__content-link-desc">Protect your people from email and cloud threats with an intelligent and holistic approach.</div> </div> <div class="header-nav__content-link"> <a href="#" class="header-nav__content-link-text" data-open="content:solutions_by_use_case_panel">More use cases</a> </div> <div class="header-nav__content-link-group"> <div class="header-nav__content-group-title">Solutions by Industry</div> <div class="header-nav__content-group-desc">People-centric solutions for your organization.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/federal" class="header-nav__content-link-text">Federal Government</a> <div class="header-nav__content-link-desc">Cybersecurity for federal government agencies.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/state-and-local-government" class="header-nav__content-link-text">State and Local Government</a> <div class="header-nav__content-link-desc">Protecting the public sector, and the public from cyber threats.</div> </div> <div class="header-nav__content-link"> <a href="#" class="header-nav__content-link-text" data-open="content:solutions_by_industry_panel">More industries</a> </div> <a href="/us/compare" class="header-nav__content-link-group-anchor"> <div class="header-nav__content-link-group"> <div class="header-nav__content-group-title">Comparing Proofpoint</div> <div class="header-nav__content-group-desc">Evaluating cybersecurity vendors? Check out our side-by-side comparisons.</div> </div> </a> <div class="header-nav__content-link"> <a href="#" class="header-nav__content-link-text" data-open="content:compare_proofpoint_panel">View comparisons</a> </div> </div> </div> <div class="header-nav__menu-pane" data-content="solutions_by_use_case_panel"> <div class="header-nav__content"> <h3 class="header-nav__content-title">Solutions By Use Case</h3> <div class="header-nav__content-heading">How Proofpoint protects your people and data.</div> <div class="header-nav__content-link"> <a href="/us/solutions/change-user-behavior" class="header-nav__content-link-text">Change User Behavior</a> <div class="header-nav__content-link-desc">Help your employees identify, resist and report attacks before the damage is done.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/combat-data-loss-and-insider-risk" class="header-nav__content-link-text">Combat Data Loss and Insider Risk</a> <div class="header-nav__content-link-desc">Prevent data loss via negligent, compromised and malicious insiders.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/enable-intelligent-compliance" class="header-nav__content-link-text">Modernize Compliance and Archiving</a> <div class="header-nav__content-link-desc">Manage risk and data retention needs with a modern compliance and archiving solution.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/protect-cloud-apps" class="header-nav__content-link-text">Protect Cloud Apps</a> <div class="header-nav__content-link-desc">Keep your people and their cloud apps secure by eliminating threats and data loss.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/prevent-loss-from-ransomware" class="header-nav__content-link-text">Prevent Loss from Ransomware</a> <div class="header-nav__content-link-desc">Learn about this growing threat and stop attacks by securing ransomware's top vector: email.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/secure-microsoft-365" class="header-nav__content-link-text">Secure Microsoft 365</a> <div class="header-nav__content-link-desc">Implement the best security and compliance solution for Microsoft 365.</div> </div> </div> </div> <div class="header-nav__menu-pane" data-content="solutions_by_industry_panel"> <div class="header-nav__content"> <h3 class="header-nav__content-title">Solutions By Industry</h3> <div class="header-nav__content-heading">People-centric solutions for your organization.</div> <div class="header-nav__content-link"> <a href="/us/solutions/higher-education-security" class="header-nav__content-link-text">Higher Education</a> <div class="header-nav__content-link-desc">A higher level of security for higher education.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/financial-services-and-insurance" class="header-nav__content-link-text">Financial Services</a> <div class="header-nav__content-link-desc">Eliminate threats, build trust and foster growth for your organization.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/healthcare-information-security" class="header-nav__content-link-text">Healthcare</a> <div class="header-nav__content-link-desc">Protect clinicians, patient data, and your intellectual property against advanced threats.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/mobile-message-security-solutions-for-service-providers" class="header-nav__content-link-text">Mobile Operators</a> <div class="header-nav__content-link-desc">Make your messaging environment a secure environment.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/email-security-solutions-for-service-providers" class="header-nav__content-link-text">Internet Service Providers</a> <div class="header-nav__content-link-desc">Cloudmark email protection.</div> </div> <div class="header-nav__content-link"> <a href="/us/solutions/protection-compliance-small-business" class="header-nav__content-link-text">Small and Medium Businesses</a> <div class="header-nav__content-link-desc">Big-time security for small business.</div> </div> </div> </div> <div class="header-nav__menu-pane" data-content="compare_proofpoint_panel"> <div class="header-nav__content"> <h3 class="header-nav__content-title">Proofpoint vs. the competition</h3> <div class="header-nav__content-heading">Side-by-side comparisons.</div> <div class="header-nav__content-link"> <a href="/us/compare/proofpoint-vs-abnormal-security" class="header-nav__content-link-text">Proofpoint vs. Abnormal Security</a> </div> <div class="header-nav__content-link"> <a href="/us/compare/proofpoint-vs-mimecast" class="header-nav__content-link-text">Proofpoint vs. Mimecast</a> </div> <div class="header-nav__content-link"> <a href="/us/compare/proofpoint-vs-cisco" class="header-nav__content-link-text">Proofpoint vs. Cisco</a> </div> <div class="header-nav__content-link"> <a href="/us/compare/proofpoint-vs-microsoft" class="header-nav__content-link-text">Proofpoint vs Microsoft</a> </div> <div class="header-nav__content-link"> <a href="/us/compare/proofpoint-vs-microsoft-purview" class="header-nav__content-link-text">Proofpoint vs. Microsoft Purview</a> </div> <div class="header-nav__content-link"> <a href="/us/compare/proofpoint-vs-legacy-dlp" class="header-nav__content-link-text">Proofpoint vs. Legacy DLP</a> </div> </div> </div> <div class="header-nav__menu-pane" data-content="partners_panel"> <div class="header-nav__content"> <h3 class="header-nav__content-title">Partners</h3> <div class="header-nav__content-heading">Deliver Proofpoint solutions to your customers.</div> <a href=https://partners.proofpoint.com class="global-elements__cta-button header-nav__content-button" > <span>Become a Partner</span> <div class="global-elements__cta-button--arrow-wrapper"></div> </a> <div class="header-nav__content-link"> <a href="/us/partners/trusted-data-solutions-partnership" class="header-nav__content-link-text">Archive Extraction Partners</a> <div class="header-nav__content-link-desc">Learn about Extraction Partners.</div> </div> <div class="header-nav__content-link"> <a href="/us/global-system-integrator-gsi-and-global-managed-service-provider-msp-partners" class="header-nav__content-link-text">GSI Partners</a> <div class="header-nav__content-link-desc">Learn about our global consulting.</div> </div> <div class="header-nav__content-link"> <a href="/us/partners/technology-alliance-partners" class="header-nav__content-link-text">Technology and Alliance Partners</a> <div class="header-nav__content-link-desc">Learn about our relationships.</div> </div> <div class="header-nav__content-link"> <a href="/us/partners/digital-risk-and-compliance-partners" class="header-nav__content-link-text">Social Media Protection Partners</a> <div class="header-nav__content-link-desc">Learn about the technology and....</div> </div> <div class="header-nav__content-link"> <a href="/us/partners/msp" class="header-nav__content-link-text">MSP Partners</a> <div class="header-nav__content-link-desc">Learn about our MSP solutions.</div> </div> <div class="header-nav__content-link"> <a href="https://partners.proofpoint.com" class="header-nav__content-link-text">Portal Login</a> </div> </div> </div> <div class="header-nav__menu-pane" data-content="resources_panel"> <div class="header-nav__content"> <h3 class="header-nav__content-title">Resources</h3> <div class="header-nav__content-heading">Find reports, webinars, blogs, events, podcasts and more.</div> <a href=/us/resources class="global-elements__cta-button header-nav__content-button" > <span>Resource Library</span> <div class="global-elements__cta-button--arrow-wrapper"></div> </a> <div class="header-nav__content-link"> <a href="/us/blog" class="header-nav__content-link-text">Blog</a> <div class="header-nav__content-link-desc">Keep up with the latest news and happenings.</div> </div> <div class="header-nav__content-link"> <a href="/us/webinars" class="header-nav__content-link-text">Webinars</a> <div class="header-nav__content-link-desc">Browse our webinar library to learn about the latest threats, trends and issues in cybersecurity.</div> </div> <div class="header-nav__content-link"> <a href="/us/cybersecurity-academy" class="header-nav__content-link-text">Cybersecurity Academy</a> <div class="header-nav__content-link-desc">Earn your certification to become a Proofpoint Certified Guardian.</div> </div> <div class="header-nav__content-link"> <a href="/us/podcasts" class="header-nav__content-link-text">Podcasts</a> <div class="header-nav__content-link-desc">Learn about the human side of cybersecurity.</div> </div> <div class="header-nav__content-link"> <a href="/us/new-perimeters" class="header-nav__content-link-text">New Perimeters Magazine</a> <div class="header-nav__content-link-desc">Get the latest cybersecurity insights in your hands.</div> </div> <div class="header-nav__content-link"> <a href="/us/threat-reference" class="header-nav__content-link-text">Threat Glossary</a> <div class="header-nav__content-link-desc">Learn about the latest security threats.</div> </div> <div class="header-nav__content-link"> <a href="/us/events" class="header-nav__content-link-text">Events</a> <div class="header-nav__content-link-desc">Connect with us at events to learn how to protect your people and data from ever-evolving threats.</div> </div> <div class="header-nav__content-link"> <a href="/us/customer-stories" class="header-nav__content-link-text">Customer Stories</a> <div class="header-nav__content-link-desc">Read how our customers solve their most pressing cybersecurity challenges.</div> </div> </div> </div> <div class="header-nav__menu-pane" data-content="company_panel"> <div class="header-nav__content"> <h3 class="header-nav__content-title">Company</h3> <div class="header-nav__content-heading">Proofpoint protects organizations' greatest assets and biggest risks: their people.</div> <a href=/us/company/about class="global-elements__cta-button header-nav__content-button" > <span>About Proofpoint</span> <div class="global-elements__cta-button--arrow-wrapper"></div> </a> <div class="header-nav__content-link"> <a href="/us/why-proofpoint" class="header-nav__content-link-text">Why Proofpoint</a> <div class="header-nav__content-link-desc">Learn about our unique people-centric approach to protection.</div> </div> <div class="header-nav__content-link"> <a href="/us/company/careers" class="header-nav__content-link-text">Careers</a> <div class="header-nav__content-link-desc">Stand out and make a difference at one of the world's leading cybersecurity companies.</div> </div> <div class="header-nav__content-link"> <a href="/us/newsroom" class="header-nav__content-link-text">News Center</a> <div class="header-nav__content-link-desc">Read the latest press releases, news stories and media highlights about Proofpoint.</div> </div> <div class="header-nav__content-link"> <a href="/us/legal/trust" class="header-nav__content-link-text">Privacy and Trust</a> <div class="header-nav__content-link-desc">Learn about how we handle data and make commitments to privacy and other regulations.</div> </div> <div class="header-nav__content-link"> <a href="/us/legal/esg" class="header-nav__content-link-text">Environmental, Social, and Governance</a> <div class="header-nav__content-link-desc">Learn how we apply our principles to positively impact our community.</div> </div> <div class="header-nav__content-link"> <a href="/us/support-services" class="header-nav__content-link-text">Support</a> <div class="header-nav__content-link-desc">Access the full range of Proofpoint support services.</div> </div> </div> </div> <div class="header-nav__menu-pane" data-content="platform_panel"> <div class="header-nav__content"> <h3 class="header-nav__content-title">Platform</h3> <div class="header-nav__content-heading">Discover the Proofpoint human-centric platform.</div> <a href=/us/platform class="global-elements__cta-button header-nav__content-button" > <span>Learn More</span> <div class="global-elements__cta-button--arrow-wrapper"></div> </a> <div class="header-nav__content-link"> <a href="/us/platform/nexus" class="header-nav__content-link-text">Nexus</a> <div class="header-nav__content-link-desc">Detection technologies to protect people and defend data.</div> </div> <div class="header-nav__content-link"> <a href="/us/platform/zen" class="header-nav__content-link-text">Zen</a> <div class="header-nav__content-link-desc">Protect and engage users wherever they work.</div> </div> </div> </div> <div class="header-nav__menu-pane" data-content="x_sch"> <div class="header-nav__content"> <div class="header-nav__content-title--search"> Search Proofpoint </div> <div class="header-nav__search"> <form class="header-nav__search-form"> <input type="text" class="header-nav__search-input" placeholder=""> <input type="submit" class="header-nav__search-button" val="Search"> </form> <div class="header-nav__search-sugg-title">Try searching for</div> <div class="header-nav__search-suggestions"> <a href="/us/search?content%5Bquery%5D=Email%20Security" class="header-nav__search-suggestion">Email Security</a> <a href="/us/search?content%5Bquery%5D=Phishing" class="header-nav__search-suggestion">Phishing</a> <a href="/us/search?content%5Bquery%5D=DLP" class="header-nav__search-suggestion">DLP</a> <a href="/us/search?content%5Bquery%5D=Email%20Fraud" class="header-nav__search-suggestion">Email Fraud</a> </div> </div> </div> </div> <div class="header-nav__menu-pane" data-content="x_lgn"> <div class="header-nav__content"> <div class="header-nav__content-title"> Select Product Login </div> <ul class="header-nav__logins"> <li class="header-nav__content-login"> <a href="https://proofpoint.my.site.com/community/s/" target="_blank">Support Log-in</a> </li> <li class="header-nav__content-login"> <a href="https://proofpointcybersecurityacademy.adobelearningmanager.com" target="_blank">Proofpoint Cybersecurity Academy</a> </li> <li class="header-nav__content-login"> <a href="https://digitalrisk.proofpoint.com/" target="_blank">Digital Risk Portal</a> </li> <li class="header-nav__content-login"> <a href="https://emaildefense.proofpoint.com/login.php" target="_blank">Email Fraud Defense</a> </li> <li class="header-nav__content-login"> <a href="https://threatintel.proofpoint.com/" target="_blank">ET Intelligence</a> </li> <li class="header-nav__content-login"> <a href="https://us1.proofpointessentials.com/app/login.php" target="_blank">Proofpoint Essentials</a> </li> <li class="header-nav__content-login"> <a href="https://proofpointcommunities.force.com/community" target="_blank">Sendmail Support Log-in</a> </li> </ul> </div> </div> <div class="header-nav__menu-pane" data-content="x_lng"> <div class="header-nav__content"> <div class="header-nav__content-title"> Select Language </div> <ul class="header-nav__language-links"> <li class="header-nav__language-link"> <a href="/us">English (Americas)</a> </li> <li class="header-nav__language-link"> <a href="/uk">English (Europe, Middle East, Africa)</a> </li> <li class="header-nav__language-link"> <a href="/au">English (Asia-Pacific)</a> </li> <li class="header-nav__language-link"> <a href="/es">Español</a> </li> <li class="header-nav__language-link"> <a href="/de">Deutsch</a> </li> <li class="header-nav__language-link"> <a href="/fr">Français</a> </li> <li class="header-nav__language-link"> <a href="/it">Italiano</a> </li> <li class="header-nav__language-link"> <a href="/br">Português</a> </li> <li class="header-nav__language-link"> <a href="/jp">日本語</a> </li> <li class="header-nav__language-link"> <a href="/kr">한국어</a> </li> </ul> </div> </div> </div> </div> <div class="layout-container"> <div> <div data-drupal-messages-fallback class="hidden"></div> </div> <main class="container" role="main"> <a id="main-content" tabindex="-1"></a> <section class="row"> <div class="layout-content"> <div> <div id="block-particle-content"> <article about="/us/threat-reference/account-takeover-fraud" class="node--type--glossary node--view-mode--full node node-glossary-full"> <script type="application/ld+json"> { "@context": "https://schema.org/", "@type": "DefinedTerm", "name": "What Is Account Takeover Fraud (ATO)?", "description": "Account Takeover Definition How Account Takeover Fraud Happens Factors That Increase Account Takeover Fraud Popularity Account Takeover Fraud Detection Impact of ATO Attacks Account Takeover Fraud Prevention Account Takeover Fraud Protection How Proofpoint Can Help", "url": "https://www.proofpoint.com/us/threat-reference/account-takeover-fraud", "inDefinedTermSet": "https://www.proofpoint.com/us/threat-reference" } </script> <div class="glossary-content__breadcrumbs"> <div class="breadcrumbs _legacy_element _breadcrumbs"><div class="nav-crumbs"><div class="breadcrumb__item"><a href="/us/threat-reference" class="breadcrum__item-link">Glossary</a></div><div class="breadcrumb__item"> What Is Account Takeover Fraud (ATO)? </div></div></div> </div> <div class="glossary-content__hero"> <div class="paragraph paragraph--type--hero-banner-v3 paragraph--view-mode--default hero-banner-v3 _legacy_heros _hero_banner_v3" style="background-image: url("/sites/default/files/styles/webp_conversion/public/general-banners/pfpt-placeholder-banner-2022.png.webp?itok=EgtcKCzS")"> <div class="hero-banner-v3__wrapper hero-banner-v3__wrapper-default"> <h1 class="hero-banner-v3__title"> What Is Account Takeover Fraud (ATO)? </h1> <a href=/us/resources/e-books/stop-email-fraud-scams class="global-elements__cta-button--white" target="" > <span>Stop Email Fraud Scams E-Book</span> <div class="global-elements__cta-button--arrow-wrapper"></div> </a> <a href=/us/targeted-attack-protection-free-trial-offer class="global-elements__cta-button" target="" > <span>Start Your TAP Free Trial</span> <div class="global-elements__cta-button--arrow-wrapper"></div> </a> </div> </div> </div> <div class="glossary-content"> <h3 class="glossary-content__headline"> Table of Contents </h3> <div class="node-full__body glossary-content__body"> <div style="display: flex; flex-wrap: wrap;"> <div style="width: 300px;"> <ul style="margin: 0;"> <li><a href="#toc-1">Account Takeover Definition</a></li> <li><a href="#toc-2">How Account Takeover Fraud Happens</a></li> <li><a href="#toc-3">Factors That Increase Account Takeover Fraud Popularity</a></li> <li><a href="#toc-4">Account Takeover Fraud Detection</a></li> </ul> </div> <div style="width: 300px;"> <ul style="margin: 0;"> <li><a href="#toc-5">Impact of ATO Attacks</a></li> <li><a href="#toc-6">Account Takeover Fraud Prevention</a></li> <li><a href="#toc-7">Account Takeover Fraud Protection</a></li> <li><a href="#toc-8">How Proofpoint Can Help</a></li> </ul> </div> </div> </div> </div> <div class="glossary__components"> <div class="paragraph paragraph--type--space paragraph--view-mode--full space _legacy_customer _space"> <div class="space__wrapper"> <div class="space__item space__sm"> </div> </div> </div> <span data-smooth-scroll="true" class="anchor_link _legacy_element _anchor" id="toc-1"></span> <div class="utl-disable-bottom-margin paragraph paragraph--type--text-columns paragraph--view-mode--full text-cols _legacy_text _text-columns"> <div class="block-text-cols__cols block-text-cols__cols-1"> <div class="paragraph paragraph--type--text-column paragraph--view-mode--default block-text-cols__cols__item"> <h3 class="block-text-cols__title">Account Takeover Definition</h3> <div class="block-text-cols__body"> <p>Account takeover fraud, or account compromise, occurs when a cyber attacker gains control of a legitimate account. Account takeover fraud (ATO) is characterized by unauthorized individuals taking over someone else’s online account — such as a bank account, email account, or social media profile — without the account owner’s permission. This criminal activity is achieved by obtaining the account holder’s login credentials through different types of attacks, including <a data-entity-substitution="canonical" data-entity-type="node" data-entity-uuid="3d41a44d-bc21-401b-8912-4f84e4e683ce" href="/us/threat-reference/phishing" title="Phishing">phishing</a>, malware attacks, <a data-entity-substitution="canonical" data-entity-type="node" data-entity-uuid="4d1cd792-cfe7-4903-8091-18e49f4e61c3" href="/us/threat-reference/social-engineering" title="Social Engineering">social engineering</a>, or data breaches.</p> <p>Once they have control of an account, attackers can launch a variety of attacks, such as:</p> </div> </div> </div> </div> <div class="utl-disable-bottom-margin paragraph paragraph--type--text-columns paragraph--view-mode--full text-cols _legacy_text _text-columns"> <div class="block-text-cols__cols block-text-cols__cols-2"> <div class="paragraph paragraph--type--text-column paragraph--view-mode--default block-text-cols__cols__item"> <div class="block-text-cols__body"> <ul> <li><strong>Internal phishing:</strong> Emails between employees in the same organization using a compromised corporate account.</li> <li><strong>Supply-chain phishing:</strong> Most organizations do business over email. An attacker gaining control over a legitimate account can assume your employee’s identity to defraud customers and business partners.</li> <li><strong>BEC-style attacks:</strong> Think of account takeovers as the ultimate <a data-entity-substitution="canonical" data-entity-type="node" data-entity-uuid="7efea6e9-d172-42f3-8eb3-ff2886a123a6" href="/us/threat-reference/impersonation-attack" title="Email Impersonation Attacks">impersonation tactic</a>. In ATO, attackers hijack an email account to essentially become its owner. ATO attacks bypass many email authentication controls.</li> </ul> </div> </div> <div class="paragraph paragraph--type--text-column paragraph--view-mode--default block-text-cols__cols__item"> <div class="block-text-cols__body"> <ul> <li><strong>Data exfiltration:</strong> Gaining access to someone’s mailbox, attackers can access not just email but also calendar events, contacts, and sensitive data in file shares.</li> <li><strong>Financial fraud:</strong> If attackers gain control of someone’s bank account or other financial services, they can steal funds directly via fraudulent wire transfers and purchases.</li> </ul> </div> </div> </div> </div> <div class="paragraph paragraph--type--space paragraph--view-mode--full space _legacy_customer _space"> <div class="space__wrapper"> <div class="space__item space__sm"> </div> </div> </div> <div class="paragraph paragraph--type--text-columns paragraph--view-mode--full text-cols _legacy_text _text-columns"> <div class="block-text-cols__cols block-text-cols__cols-1"> <div class="paragraph paragraph--type--text-column paragraph--view-mode--default block-text-cols__cols__item"> <div class="block-text-cols__body"> <p>Account takeover techniques are usually automated using scripts that potentially contain thousands of credentials and user accounts. Revenue generated from a successful attack can reach millions on darknet markets for an advanced attack.</p> </div> </div> </div> </div> <div class="paragraph paragraph--type--space paragraph--view-mode--full space _legacy_customer _space"> <div class="space__wrapper"> <div class="space__item space__md"> </div> </div> </div> <div class="paragraph paragraph--type--free-trial-panel paragraph--view-mode--full free-trial-panel _legacy-ctas _free-trial-panel free-trial-panel--black v3-dark-bg-only free-trial-panel--no-img"> <div class="free-trial-panel__wrapper"> <div class="free-trial-panel__content"> <div class="free-trial-panel__heading"> <h3>Cybersecurity Education and Training Begins Here</h3> </div> <a href=# class="global-elements__cta-button--white free-trial-panel__action-btn" > <span>Start a Free Trial</span> <div class="global-elements__cta-button--arrow-wrapper"></div> </a> </div> </div> <div class="free-trial-panel-form"> <div class="paragraph paragraph--type--marketo-form paragraph--view-mode--default marketo-form _legacy_customer _marketo_form UNCONVERTED"> <div class="marketo-form__content"> <h2>Here’s how your free trial works:</h2> <ul> <li>Meet with our cybersecurity experts to assess your environment and identify your threat risk exposure</li> <li>Within 24 hours and minimal configuration, we’ll deploy our solutions for 30 days</li> <li>Experience our technology in action!</li> <li>Receive report outlining your security vulnerabilities to help you take immediate action against cybersecurity attacks</li> </ul> <p>Fill out this form to request a meeting with our cybersecurity experts.</p> </div> <div class="marketo-form__form-container"> <div class="mk-form"> <div class="mk-form__form-container _legacy_element _marketo_form"> <script type="IN/Form2" data-data-form="mktoForm_3331" data-field-firstname="FirstName" data-field-lastname="LastName" data-field-email="Email" data-field-company="Company" data-field-title="Title" data-field-state="State" data-field-country="Country" ></script> <form id="mktoForm_3331" data-mkto-id="3331" data-mkto-base="//go.proofpoint.com" data-munchkin-id="309-RHV-619" data-submit-text="" data-redirect-link="" data-prefill="" data-event-label="" data-lang-code="us" data-validate-email="1" class="mk-form__form marketo-form-block__form" ></form> </div> </div> <div class="mk-form__success"> <p>Thank you for your submission.</p> </div> </div> </div> </div> </div> <div class="paragraph paragraph--type--space paragraph--view-mode--full space _legacy_customer _space"> <div class="space__wrapper"> <div class="space__item space__lg"> </div> </div> </div> <span data-smooth-scroll="true" class="anchor_link _legacy_element _anchor" id="toc-2"></span> <div class="paragraph paragraph--type--text-columns paragraph--view-mode--full text-cols _legacy_text _text-columns"> <div class="block-text-cols__cols block-text-cols__cols-1"> <div class="paragraph paragraph--type--text-column paragraph--view-mode--default block-text-cols__cols__item"> <h3 class="block-text-cols__title">How Account Takeover Fraud Happens</h3> <div class="block-text-cols__body"> <p>The foundation for a successful account takeover is access to a user’s account credentials. Here’s how attackers typically compromise legitimate accounts:</p> <ul> <li><strong><a data-entity-substitution="canonical" data-entity-type="node" data-entity-uuid="50f81432-a1f7-4c37-b2e3-31d386a93d7f" href="/us/threat-reference/brute-force-attack" title="Brute-Force Attack">Brute-force attacks</a>:</strong> The attacker, usually through an automated script, tries a username/password combination across many accounts until one works. These include so-called dictionary attacks, in which attackers use common passwords and dictionary terms to guess passwords.</li> <li><strong>Breach replay attack (also known as credential stuffing):</strong> It’s a bad practice, but many people use the same password for multiple accounts. If one of those passwords is leaked in an unrelated data breach, any other account with the same username (often an email address) and password is at risk.</li> <li><strong><a data-entity-substitution="canonical" data-entity-type="node" data-entity-uuid="5a387409-64a9-407a-acab-eac0ffcada9b" href="/us/threat-reference/man-in-the-middle-attack-mitm" title="Adversary-in-the-Middle Attack">Man-in-the-middle (MitM) attacks</a>:</strong> By intercepting communication between users and websites, attackers can steal login credentials and other sensitive information that enables them to take over accounts.</li> <li><strong>Phishing:</strong> Old-fashioned credential phishing remains an effective way to steal a victim’s password. Without controls such as multifactor authentication (MFA), lost credentials can lead to <a data-entity-substitution="canonical" data-entity-type="node" data-entity-uuid="25dae3ba-b983-4d12-ba25-430ad1ec71d7" href="/us/threat-reference/compromised-account" title="Compromised Account">compromised accounts</a>.</li> <li><strong>Malware attacks:</strong> Keyloggers, stealers and other <a data-entity-substitution="canonical" data-entity-type="node" data-entity-uuid="5312929a-c85d-4291-a361-e34378e7fdff" href="/us/threat-reference/malware" title="Malware">forms of malware</a> can expose user credentials, giving attackers control of victims’ accounts.</li> <li><strong>Data exfiltration:</strong> The unauthorized retrieval, transfer, or copying of data from a device or server provides attackers access to login credentials, such as usernames and passwords, to gain control of an account.</li> <li><strong><a data-entity-substitution="canonical" data-entity-type="node" data-entity-uuid="da7b92c7-63db-4ead-976f-cb9cce31aef2" href="/us/threat-reference/credential-stuffing" title="Credential Stuffing">Credential stuffing</a>:</strong> Cyber-attackers employ automated tools to gather and test stolen usernames and passwords from data breaches on other websites to gain unauthorized access to accounts.</li> </ul> <p>Attackers can also download cracked passwords from darknet markets to attempt ATO on the same user accounts on their target site.</p> <p>After the attacker has a long list of credentials, several ATO applications are available for download. A few notable tools include SentryMBA, SNIPR, STORM, and MailRanger. The following image is one of the main windows in SentryMBA:</p> <p> </p> <article class="align-center"><img alt="Account takeover fraud example" src="/sites/default/files/styles/webp_conversion/public/misc/glossary-account-takover.png.webp?itok=c1eXDRVf"></article> <p> </p> <p>SentryMBA is an automated attack tool used by cybercriminals and one of the more popular ones due to its options and general settings. At the top, an attacker inputs the site where requests are sent for authentication into user accounts. Other settings include the list of passwords and usernames, the ability to save a list of successful authentication attempts, and timeout settings that help that attacker avoid detection. The entire ATO attack is automated, so most of the effort is spent stealing credentials. Tools such as SentryMBA can run indefinitely on the attacker’s computer until it creates a list of stolen accounts.</p> <p>In some account takeover fraud scenarios, an attacker will not use the initial ATO attack on the primary target site. As users commonly use the <a data-entity-substitution="canonical" data-entity-type="node" data-entity-uuid="93a3dca7-fcb6-4e42-8295-772cd5acdb86" href="/us/security-awareness/post/conventional-wisdom-weakening-your-passwords" title="Is Conventional Wisdom Weakening Your Passwords?">same credentials across several sites</a>, an attacker might use a site with weaker cybersecurity defenses and fraud detection to validate credentials.</p> <p>If a user employs the same credentials across multiple sites, the attacker’s successful authentication into one site might work on the primary site. For instance, an attacker might use SentryMBA to authenticate into a popular hotel site, knowing most users have accounts with prominent hotel brands for traveling. If authentication is successful on the hotel site, it could also be successful on a banking site. By validating credentials on a secondary site first, the attacker reduces the number of authentication attempts, minimizing the likelihood of detection.</p> <p>With a list of successfully authenticated accounts, an attacker has two choices: transfer money or sell the validated credentials online. Attackers can transfer funds from a targeted user’s bank account to their accounts. On credit card sites, an attacker could order new credit cards in a targeted user’s name but send new cards to their address. If a site doesn’t have proper ATO fraud detection, targeted users have no idea when money is transferred, or a credit card is sent to a new address.</p> <p>Selling the list of authenticated accounts could mean a high payout for attackers. The <a href="https://www.digitaltrends.com/computing/personal-data-sold-on-the-dark-web-how-much-it-costs/" rel=" noopener" target="_blank">value of just one hacked account</a> depends on the amount of data stolen and the type of account. For instance, a PayPal account could be worth $1,200, while a targeted user’s personal data could be sold from $40 to $200. Bank cards are worth $800 to $1,000. With hundreds and potentially thousands of accounts, an attacker could have a hefty payday selling on darknet markets and limit detection compared to directly stealing from victims.</p> <p>ATO fraud is not limited to banking and credit card accounts. Attackers can also use rewards cards and services, including stored points on hotel accounts and airline miles. This fraud is gaining interest because targeted users rarely monitor reward accounts for fraud compared to credit cards and bank accounts.</p> </div> </div> </div> </div> <div class="paragraph paragraph--type--space paragraph--view-mode--full space _legacy_customer _space"> <div class="space__wrapper"> <div class="space__item space__md"> </div> </div> </div> <div class="paragraph paragraph--type--featured-asset-panel paragraph--view-mode--full featured-asset _legacy-ctas _featured-asset"> <div class="featured-asset__bg"></div> <div class="featured-asset__wrapper"> <div class="featured-asset__content"> <h4 class="featured-asset__headline">Social Media Protection</h4> <p class="featured-asset__summary">Real-time security for your branded social media accounts</p> </div> <a href=/us/products/digital-risk-protection/social-media-protection class="global-elements__cta-button featured-asset__button featured-asset__button--premium" > <span>Learn More</span> <div class="global-elements__cta-button--arrow-wrapper"></div> </a> </div> </div> <div class="paragraph paragraph--type--space paragraph--view-mode--full space _legacy_customer _space"> <div class="space__wrapper"> <div class="space__item space__md"> </div> </div> </div> <span data-smooth-scroll="true" class="anchor_link _legacy_element _anchor" id="toc-3"></span> <div class="paragraph paragraph--type--text-columns paragraph--view-mode--full text-cols _legacy_text _text-columns"> <div class="block-text-cols__cols block-text-cols__cols-1"> <div class="paragraph paragraph--type--text-column paragraph--view-mode--default block-text-cols__cols__item"> <h3 class="block-text-cols__title">Factors That Increase Account Takeover Fraud Popularity</h3> <div class="block-text-cols__body"> <p>Darknet markets make account takeover fraud much more attractive to attackers by reducing liability as they no longer need to steal directly from targeted users. Attackers wanting to steal directly from targeted users can simply purchase valid accounts on darknet markets instead of performing the arduous task of cracking passwords.</p> <p>While darknet markets make it easier to steal from users, increased online financial accounts and offerings also fuel the market. Targeted users often have many financial accounts spread across several websites. The proliferation of financial accounts and online presence means an increase in the attack surface for ATO fraud.</p> </div> </div> </div> </div> <div class="paragraph paragraph--type--space paragraph--view-mode--full space _legacy_customer _space"> <div class="space__wrapper"> <div class="space__item space__md"> </div> </div> </div> <span data-smooth-scroll="true" class="anchor_link _legacy_element _anchor" id="toc-4"></span> <div class="paragraph paragraph--type--text-columns paragraph--view-mode--full text-cols _legacy_text _text-columns"> <div class="block-text-cols__cols block-text-cols__cols-1"> <div class="paragraph paragraph--type--text-column paragraph--view-mode--default block-text-cols__cols__item"> <h3 class="block-text-cols__title">Account Takeover Fraud Detection</h3> <div class="block-text-cols__body"> <p>Detecting ATO fraud can be challenging, but often these attacks can be detected by monitoring for suspicious activity and behavior. Here are some of the most effective ways to identify potential ATO threats:</p> <ul> <li><strong>Monitor emails and other communications:</strong> It’s critical to implement measures that effectively monitor emails, text messages, and other communications for suspicious activity, like phishing attempts or requests for sensitive information.</li> <li><strong>Recognize suspicious IP addresses:</strong> Look for unusual activity regarding suspicious <a data-entity-substitution="canonical" data-entity-type="node" data-entity-uuid="d205ad50-de44-4be3-8d46-2291d31df80b" href="/us/threat-reference/ip-address" title="IP Address">IP addresses</a> (e.g., from countries outside typical access locations) and analyze timestamp data transfers. This helps identify fraudsters attempting to take over an account.</li> <li><strong>Leverage machine learning models:</strong> Use <a data-entity-substitution="canonical" data-entity-type="node" data-entity-uuid="96a94b2f-37ac-4d10-8a21-1213df6c8138" href="/us/threat-reference/machine-learning" title="Machine Learning">machine learning models</a> to help pinpoint fraudulent online activity by detecting account compromise through malicious takeovers, phishing, or from credentials being stolen.</li> <li><strong>Identify and block requests from known attackers:</strong> Identify and block requests from known attackers and detect bad bots used by attackers as part of ATO attacks. You can also find credential stuffing on login attempts and block them.</li> <li><strong>Pinpoint unknown devices:</strong> Attackers will often use device spoofing techniques to conceal what device they’re using. If your system detects devices as “unknown,” especially at an abnormally high ratio, then an ATO threat is likely.</li> <li><strong>Multiple accounts being accessed by one device:</strong> If an attacker steals and accesses more than one account, their activity will likely be linked to one device. This can be a sign of an ATO attack.</li> <li><strong>Use AI-based detection technology:</strong> ATO attacks often use fourth-generation bots that mimic user behaviors, making them difficult to isolate. AI-based detection technology can be effective in identifying these ATO attacks.</li> </ul> <p>By implementing these strategies, you can better detect and prevent ATO fraud and protect your accounts from unauthorized access.</p> </div> </div> </div> </div> <div class="paragraph paragraph--type--space paragraph--view-mode--full space _legacy_customer _space"> <div class="space__wrapper"> <div class="space__item space__md"> </div> </div> </div> <span data-smooth-scroll="true" class="anchor_link _legacy_element _anchor" id="toc-5"></span> <div class="utl-disable-bottom-margin paragraph paragraph--type--text-columns paragraph--view-mode--full text-cols _legacy_text _text-columns"> <div class="block-text-cols__cols block-text-cols__cols-1"> <div class="paragraph paragraph--type--text-column paragraph--view-mode--default block-text-cols__cols__item"> <h3 class="block-text-cols__title">Impact of ATO Attacks</h3> <div class="block-text-cols__body"> <p>Successful ATO attacks can have a serious negative impact on both individuals and businesses. Some of the ramifications of ATO fraud at both levels:</p> </div> </div> </div> </div> <div class="utl-disable-bottom-margin paragraph paragraph--type--text-columns paragraph--view-mode--full text-cols _legacy_text _text-columns"> <div class="block-text-cols__cols block-text-cols__cols-2"> <div class="paragraph paragraph--type--text-column paragraph--view-mode--default block-text-cols__cols__item"> <div class="block-text-cols__body"> <ul> <li><strong>Identity theft:</strong> ATO fraudsters can steal personal information, such as social security numbers, credit card numbers, and login credentials used for <a data-entity-substitution="canonical" data-entity-type="node" data-entity-uuid="077d5d81-f230-499a-a65d-87c129c43d32" href="/us/threat-reference/identity-theft" title="Identity Theft">identity theft</a>. The outcome can result in severe financial losses and lower credit scores.</li> <li><strong>Financial losses:</strong> ATO fraudsters can use stolen login credentials to make unauthorized purchases, transfer funds, or access other accounts linked to the victim’s account. This can result in significant financial losses for individuals and businesses. A study by <a href="https://www.security.org/digital-safety/account-takeover-prevention/" rel=" noopener" target="_blank">Security.org</a> found the average ATO to incur financial losses of around $12,000.</li> <li><strong>Reputational damage:</strong> For businesses, ATO fraud can result in reputational damage, leading to a loss of customers and revenue.</li> </ul> </div> </div> <div class="paragraph paragraph--type--text-column paragraph--view-mode--default block-text-cols__cols__item"> <div class="block-text-cols__body"> <ul> <li><strong>Chargebacks:</strong> Fraudulent transactions resulting from ATO attacks may come back as chargebacks, which can cause businesses to bear costs associated with disputing and processing them.</li> <li><strong>Negative impact on user experience:</strong> ATO attacks can severely damage both user experience and brand reputation. For instance, eCommerce companies are obligated to keep user accounts safe, and failure to do so can harm their business through fraudulent transactions, payment fraud, user distrust, and negative brand reputation. eCommerce accounts are the most heavily targeted, making up 61% of ATO attacks, according to <a href="https://www.intellicheck.com/5-account-takeover-statistics-you-need-to-know/" rel=" noopener" target="_blank">Intellicheck.com</a>.</li> </ul> </div> </div> </div> </div> <div class="paragraph paragraph--type--space paragraph--view-mode--full space _legacy_customer _space"> <div class="space__wrapper"> <div class="space__item space__sm"> </div> </div> </div> <div class="paragraph paragraph--type--text-columns paragraph--view-mode--full text-cols _legacy_text _text-columns"> <div class="block-text-cols__cols block-text-cols__cols-1"> <div class="paragraph paragraph--type--text-column paragraph--view-mode--default block-text-cols__cols__item"> <div class="block-text-cols__body"> <p>To prevent the ramifications of ATO fraud, proactive measures are imperative to protect sensitive information and monitor accounts for suspicious activity.</p> </div> </div> </div> </div> <div class="paragraph paragraph--type--space paragraph--view-mode--full space _legacy_customer _space"> <div class="space__wrapper"> <div class="space__item space__md"> </div> </div> </div> <div class="paragraph paragraph--type--featured-asset-panel paragraph--view-mode--full featured-asset _legacy-ctas _featured-asset"> <div class="featured-asset__bg"></div> <div class="featured-asset__wrapper"> <div class="featured-asset__content"> <h4 class="featured-asset__headline">Digital Risk Protection</h4> <p class="featured-asset__summary">Secure your brand and customers against digital security risks</p> </div> <a href=/us/products/digital-risk-protection class="global-elements__cta-button featured-asset__button featured-asset__button--premium" > <span>Learn More</span> <div class="global-elements__cta-button--arrow-wrapper"></div> </a> </div> </div> <div class="paragraph paragraph--type--space paragraph--view-mode--full space _legacy_customer _space"> <div class="space__wrapper"> <div class="space__item space__md"> </div> </div> </div> <span data-smooth-scroll="true" class="anchor_link _legacy_element _anchor" id="toc-6"></span> <div class="paragraph paragraph--type--text-columns paragraph--view-mode--full text-cols _legacy_text _text-columns"> <div class="block-text-cols__cols block-text-cols__cols-1"> <div class="paragraph paragraph--type--text-column paragraph--view-mode--default block-text-cols__cols__item"> <h3 class="block-text-cols__title">Account Takeover Fraud Prevention</h3> <div class="block-text-cols__body"> <p>As ATO fraud continues to escalate as a growing threat to individuals and businesses, there’s a heightened need to implement strategies to prevent such costly attacks:</p> <ul> <li><strong>Set rate limits on login attempts:</strong> Organizations should set rate limits on login attempts based on username, device, and IP address. These limits can be determined based on the standard behavior of users as a benchmark to help prevent account takeover. You can also incorporate limits on the use of proxies, VPNs, and other factors.</li> <li><strong>Employ password security policies:</strong> Ensure employees always use unique, <a data-entity-substitution="canonical" data-entity-type="node" data-entity-uuid="0f4e4fcd-627a-406a-b38d-a613878b7b89" href="/us/blog/security-awareness-training/how-strong-my-password-guide-enable-your-employees-set-strong" title="How Strong Is My Password? A Guide to Enable Your Employees to Set Strong Passwords ">strong passwords</a> across their accounts. To manage a collection of passwords, use secure services like LastPass, 1Password, or Bitwarden to minimize the burden of exhaustive password management.</li> <li><strong>Early detection:</strong> ATO prevention is possible with early detection. Stopping ATO requires understanding the attack timeline and solving for different attack patterns occurring in the first 18-24 months following a breach.</li> <li><strong>Freeze compromised accounts:</strong> If an account is compromised, the first thing to do is to freeze it. This helps prevent attackers from performing actions like changing passwords.</li> <li><strong>Implement multifactor authentication:</strong> Multifactor authentication adds extra layers of security to accounts by requiring an additional form of authentication, such as a code sent to a mobile device, in addition to a password.</li> <li><strong>Leverage CAPTCHA:</strong> Instead of locking out an IP, fraud detection systems can display a CAPTCHA after a specific number of authentication attempts. The CAPTCHA could be required for a specified duration after too many authentication requests from the same IP address.</li> <li><strong>Monitor accounts for suspicious activity:</strong> It is important to monitor accounts for suspicious activity, such as failed login attempts, changes to account information, and unusual transactions.</li> </ul> <p>By implementing these prevention strategies, individuals and businesses can take the initiative to effectively prevent ATO attacks and better protect sensitive information and accounts from unauthorized access.</p> </div> </div> </div> </div> <div class="paragraph paragraph--type--space paragraph--view-mode--full space _legacy_customer _space"> <div class="space__wrapper"> <div class="space__item space__md"> </div> </div> </div> <span data-smooth-scroll="true" class="anchor_link _legacy_element _anchor" id="toc-7"></span> <div class="paragraph paragraph--type--text-columns paragraph--view-mode--full text-cols _legacy_text _text-columns"> <div class="block-text-cols__cols block-text-cols__cols-1"> <div class="paragraph paragraph--type--text-column paragraph--view-mode--default block-text-cols__cols__item"> <h3 class="block-text-cols__title">Account Takeover Fraud Protection</h3> <div class="block-text-cols__body"> <p>In addition to employing prevention strategies against account takeovers, several tools and solutions can help minimize the potential of ATO attacks.</p> <h4>Threat Intelligence and Monitoring</h4> <p>These tools monitor and analyze data from various sources, including known blocklists, <a data-entity-substitution="canonical" data-entity-type="node" data-entity-uuid="089fd102-4c13-4972-ae00-d80e9b78ad6f" href="/us/threat-reference/data-breach" title="Data Breach">data breaches</a>, and suspicious online activities, to detect potential threats and account compromises. They can provide real-time alerts and help prevent fraudulent access attempts.</p> <h4>Account Activity Monitoring and User Profiling</h4> <p>Solutions that monitor user account activities, such as login history, transactions, and changes to account settings, can identify unusual or suspicious behavior. User profiling involves analyzing historical data and user behavior to establish patterns and detect anomalies.</p> <h4>User Education and Security Awareness Training</h4> <p><a data-entity-substitution="canonical" data-entity-type="node" data-entity-uuid="c932da4d-9d01-49db-9ca2-3b4f646dd7a7" href="/us/threat-reference/security-awareness-training" title="Security Awareness Training">Cybersecurity training</a> to educate users about common attack methods, phishing techniques, and best security practices can help prevent account takeover fraud. This includes promoting strong password hygiene, caution against sharing sensitive information, and providing guidance on recognizing and reporting suspicious activities.</p> <h4>IP Geolocation and Anomaly Detection</h4> <p>These tools analyze the geographic location and behavioral patterns associated with login attempts. They can identify suspicious activities, such as login attempts from unfamiliar locations or unusual login patterns, and trigger additional security measures or alerts.</p> <h4>Device Fingerprinting</h4> <p>This technique involves collecting and analyzing device-specific data, such as IP address, operating system, browser type, and cookies, to create a unique identifier or “fingerprint” for each device. Fingerprinting helps detect anomalies like login attempts from unrecognized devices and flags potential account takeover attempts.</p> <h4>Behavioral Biometrics</h4> <p>Behavioral biometrics solutions analyze user behavior patterns, including keystrokes, mouse movements, typing speed, and navigation patterns, to establish a baseline of normal behavior. Any deviations from the baseline can trigger alerts and indicate possible fraudulent activity.</p> <p>It’s important to note that these tools and solutions should be implemented as part of a comprehensive cybersecurity and data protection strategy, as tailored to the specific needs of the organization or individual, and regularly updated to address emerging threats and vulnerabilities.</p> </div> </div> </div> </div> <div class="paragraph paragraph--type--space paragraph--view-mode--full space _legacy_customer _space"> <div class="space__wrapper"> <div class="space__item space__md"> </div> </div> </div> <span data-smooth-scroll="true" class="anchor_link _legacy_element _anchor" id="toc-8"></span> <div class="utl-disable-bottom-margin paragraph paragraph--type--text-columns paragraph--view-mode--full text-cols _legacy_text _text-columns"> <div class="block-text-cols__cols block-text-cols__cols-1"> <div class="paragraph paragraph--type--text-column paragraph--view-mode--default block-text-cols__cols__item"> <h3 class="block-text-cols__title">How Proofpoint Can Help</h3> <div class="block-text-cols__body"> <p>Proofpoint’s <a data-entity-substitution="canonical" data-entity-type="node" data-entity-uuid="c461d531-fec7-4d64-bd31-a4e7f0477dfc" href="/us/products/advanced-threat-protection/targeted-attack-protection" title="Targeted Attack Protection">Targeted Attack Protection (TAP)</a> is an advanced threat protection solution that helps organizations detect, analyze, and block advanced threats before they reach their inbox. TAP identifies and blocks advanced email threats, including ransomware and other advanced email threats delivered through malicious attachments and URLs.</p> <p><a data-entity-substitution="canonical" data-entity-type="node" data-entity-uuid="73af53c9-4bde-454f-9e07-b58edb186a0d" href="/us/resources/data-sheets/account-takeover-protection" title="Proofpoint Account Takeover Protection">TAP Account Takeover</a> from Proofpoint is an add-on to TAP that extends its capabilities by detecting compromised accounts and protecting emails and cloud environments. It further defends threats that can lead to ATO attacks by focusing on:</p> </div> </div> </div> </div> <div class="utl-disable-bottom-margin paragraph paragraph--type--text-columns paragraph--view-mode--full text-cols _legacy_text _text-columns"> <div class="block-text-cols__cols block-text-cols__cols-2"> <div class="paragraph paragraph--type--text-column paragraph--view-mode--default block-text-cols__cols__item"> <div class="block-text-cols__body"> <ul> <li><strong>Visibility across the entire email account takeover attack chain:</strong> Proofpoint TAP ATO provides visibility across the entire email account takeover attack chain. It accelerates detection and response to ATO attacks, helping organizations to prevent and mitigate the impact of these attacks.</li> <li><strong>Detecting compromised accounts:</strong> Proofpoint TAP detects compromised accounts and alerts security teams to take action. This helps prevent ATO attacks before they can cause damage.</li> </ul> </div> </div> <div class="paragraph paragraph--type--text-column paragraph--view-mode--default block-text-cols__cols__item"> <div class="block-text-cols__body"> <ul> <li><strong>Preventing phishing attacks:</strong> Proofpoint helps prevent phishing attacks, a common method attackers use to access accounts. Proofpoint’s solutions use machine learning and other advanced techniques to detect and block phishing attacks.</li> <li><strong>Protecting against data exfiltration:</strong> Proofpoint’s solutions protect against data exfiltration, which is a common goal of ATO attacks. Proofpoint’s solutions use advanced threat intelligence and analytics to detect and prevent data exfiltration.</li> </ul> </div> </div> </div> </div> <div class="paragraph paragraph--type--space paragraph--view-mode--full space _legacy_customer _space"> <div class="space__wrapper"> <div class="space__item space__sm"> </div> </div> </div> <div class="paragraph paragraph--type--text-columns paragraph--view-mode--full text-cols _legacy_text _text-columns"> <div class="block-text-cols__cols block-text-cols__cols-1"> <div class="paragraph paragraph--type--text-column paragraph--view-mode--default block-text-cols__cols__item"> <div class="block-text-cols__body"> <p>By using Proofpoint’s solutions, organizations can prevent and detect ATO attacks, protecting their sensitive information and accounts from unauthorized access.</p> </div> </div> </div> </div> <div class="paragraph paragraph--type--space paragraph--view-mode--full space _legacy_customer _space"> <div class="space__wrapper"> <div class="space__item space__md"> </div> </div> </div> <div class="paragraph paragraph--type--resources paragraph--view-mode--full resources-block _legacy_blocks _resources-block"> <div class="resources-block__wrapper"> <div class="resources-block__inner-wrapper"> <div class="resources-block__heading-wrapper"> <h3 class="resources-block__heading"> Related Resources </h3> </div> <div class="resources-block__resources"> <div about="/us/blog/cybersecurity-essentials/combatting-bec-and-eac-how-cloud-app-security-can-protect-your-company" class="node--type--blog-post node--view-mode--teaser-v3 blog-teaser-v3 resource-teaser-v3 UNCONVERTED"> <a class="blog-teaser-v3__url _legacy_element _link" href="/us/blog/cybersecurity-essentials/combatting-bec-and-eac-how-cloud-app-security-can-protect-your-company"> <div class="blog-teaser-v3__image"></div> <h3 class="blog-teaser-v3__type">Blog</h3> <h4 class="blog-teaser-v3__title"> <span>Combatting BEC and EAC: How Cloud App Security Can Protect Your Company from Email Account Compromise (EAC)</span> </h4> </a> </div> <div about="/us/blog/cybersecurity-essentials/anatomy-business-email-compromise-and-email-account-compromise-attack" class="node--type--blog-post node--view-mode--teaser-v3 blog-teaser-v3 resource-teaser-v3 UNCONVERTED"> <a class="blog-teaser-v3__url _legacy_element _link" href="/us/blog/cybersecurity-essentials/anatomy-business-email-compromise-and-email-account-compromise-attack"> <div class="blog-teaser-v3__image"></div> <h3 class="blog-teaser-v3__type">Blog</h3> <h4 class="blog-teaser-v3__title"> <span>The Anatomy of a Business Email Compromise and Email Account Compromise Attack</span> </h4> </a> </div> <div about="/us/resources/e-books/business-email-compromise-handbook" class="node--type--resource-item node--view-mode--teaser-v3 resource-teaser-v3 _legacy_content _resource"> <a class="resource-teaser-v3__url _legacy_element _link" href="/us/resources/e-books/business-email-compromise-handbook"> <div class="resource-teaser-v3__image" data-type="ebook"></div> <h3 class="resource-teaser-v3__type">E-book</h3> <h4 class="resource-teaser-v3__title"> The Business Email Compromise Handbook </h4> </a> </div> </div> <div class="resources-block__link-wrapper"> <a class="resources-block__link _legacy_element _link" href="/us/resources"> See more resources </a> </div> </div> </div> </div> <div class="subscribe-block blog-subscribe _legacy_blocks _subscribe-block subscribe-block--black blog-subscribe--black v3-dark-bg-only" data-animate="true"> <div class="subscribe-block__inner blog-subscribe__inner"> <div class="subscribe-block__copy"> <h3 class="subscribe-block__heading"> Subscribe to the Proofpoint Blog </h3> </div> <div class="subscribe-block__form"> <div class="mk-form"> <div class="mk-form__form-container _legacy_element _marketo_form"> <script type="IN/Form2" data-data-form="mktoForm_19277" data-field-firstname="FirstName" data-field-lastname="LastName" data-field-email="Email" data-field-company="Company" data-field-title="Title" data-field-state="State" data-field-country="Country" ></script> <form id="mktoForm_19277" data-mkto-id="19277" data-mkto-base="//go.proofpoint.com" data-munchkin-id="309-RHV-619" data-submit-text="" data-redirect-link="" data-prefill="" data-event-label="" data-lang-code="us" data-validate-email="1" class="mk-form__form marketo-form-block__form" ></form> </div> </div> </div> </div> </div> <div class="paragraph paragraph--type--space paragraph--view-mode--full space _legacy_customer _space"> <div class="space__wrapper"> <div class="space__item space__md"> </div> </div> </div> <div class="paragraph paragraph--type--cta-banner paragraph--view-mode--full cta-banner _legacy_ctas _cta-banner cta-banner--bg" data-background-image="/sites/default/files/styles/webp_conversion/public/cta-banner/cta-bkgd.jpg.webp?itok=tZl9397s"> <div class="cta-banner__wrapper"> <h2 class="cta-banner__heading"> Ready to Give Proofpoint a Try? </h2> <p class="cta-banner__body">Start with a free Proofpoint trial.</p> <div class="cta-banner__buttons"> <a href=/us/free-trial-request-legacy class="global-elements__cta-button--white" target="" > <span>Get Protected</span> <div class="global-elements__cta-button--arrow-wrapper"></div> </a> </div> </div> </div> </div> <div class="glossary__content-pager"> <div class="content-pager _legacy_blocks _content_pager"> <div class="content-pager__items-wrapper"> <div class="content-pager__items"> <div class="content-pager__item content-pager__item--prev"> </div> <div class="content-pager__item content-pager__item--next"> <a href="/us/threat-reference/active-directory" hreflang="en">Next Glossary</a> </div> </div> </div> </div> </div> </article> </div> </div> </div> </section> </main> </div> <div class="footer-v3" data-animate="true"> <div class="footer-v3__inner"> <nav class="footer-v3__nav"> <div class="footer-v3__nav-wrapper"> <div class="footer-v3__nav-heading">Products</div> <ul class="footer-v3__nav-collapsible"> <li><a href="/us/products/protect-people">Protect People</a></li> <li><a href="/us/products/defend-data">Defend Data</a></li> <li><a href="/us/products/mitigate-human-risk">Mitigate Human Risk</a></li> <li><a href="/us/products/premium-services">Premium Services</a></li> </ul> </div> <div class="footer-v3__nav-wrapper"> <div class="footer-v3__nav-heading">Get Support</div> <ul class="footer-v3__nav-collapsible"> <li><a href="https://proofpoint.my.site.com/community/s/" target="_blank">Product Support Login</a></li> <li><a href="/us/support-services">Support Services</a></li> <li><a href="/us/ipcheck">IP Address Blocked?</a></li> </ul> </div> <div class="footer-v3__nav-wrapper"> <div class="footer-v3__nav-heading">Connect with Us</div> <ul class="footer-v3__nav-collapsible"> <li><a href="tel:+1-408-517-4710" class="icon-phone-ppoint">+1-408-517-4710</a></li> <li><a href="/us/events">Attend an Event</a></li> <li><a href="/us/contact">Contact Us</a></li> <li><a href="/us/free-demo-request">Free Demo Request</a></li> </ul> </div> <div class="footer-v3__nav-wrapper"> <div class="footer-v3__nav-heading">More</div> <ul class="footer-v3__nav-collapsible"> <li><a href="/us/company/about">About Proofpoint</a></li> <li><a href="/us/why-proofpoint">Why Proofpoint</a></li> <li><a href="/us/company/careers">Careers</a></li> <li><a href="/us/leadership-team">Leadership Team</a></li> <li><a href="/us/newsroom">News Center</a></li> <li><a href="/us/legal/trust">Privacy and Trust</a></li> </ul> </div> </nav> <div class="footer-v3__bottom-wrap"> <section class="footer-v3__bottom"> <div class="footer-v3__logo"> <a href="/us" class="footer-v3__logo-link"> <div class="footer-v3__logo-image"></div> </a> <div class="footer-v3__bottom-copyright-info">© 2025. All rights reserved. </div> </div> <div class="footer-v3__bottom-copyright"> <a class="footer-v3__bottom-copyright-info" href="/us/legal/license">Terms and conditions</a> <a class="footer-v3__bottom-copyright-info" href="/us/legal/privacy-policy">Privacy Policy</a> <a class="footer-v3__bottom-copyright-info" href="/us/sitemap">Sitemap</a> </div> <ul class="footer-v3__bottom-social-menu"> <li> <a href="http://www.facebook.com/proofpoint" class="icon-facebook" target="_blank"></a> </li> <li> <a href="http://www.twitter.com/proofpoint" class="icon-twitter" target="_blank"></a> </li> <li> <a href="https://www.linkedin.com/company/proofpoint" class="icon-linkedin" target="_blank"></a> </li> <li> <a href="https://www.youtube.com/channel/UCIvtJgsrUzFo90NKeiVozhQ" class="icon-youtube-play" target="_blank"></a> </li> <li> <a href="https://www.instagram.com/proofpoint" class="icon-instagram" target="_blank"></a> </li> </ul> </section> </div> </div> </div> </div> <script type="text/javascript">document.write(unescape("%3Cscript src='//munchkin.marketo.net/munchkin.js' type='text/javascript'%3E%3C/script%3E")); </script> <script>Munchkin.init('309-RHV-619');</script><div class="element-invisible" style="clear:both;">  <script type="text/javascript"> /* <![CDATA[ */ var google_conversion_id = 950296937; var google_custom_params = window.google_tag_params; var google_remarketing_only = true; /* ]]> */ </script> <script type="text/javascript" src="//www.googleadservices.com/pagead/conversion.js"> </script> <noscript> <div style="display:inline;"> <img height="1" width="1" style="border-style:none;" alt="" src="//googleads.g.doubleclick.net/pagead/viewthroughconversion/950296937/?value=0&guid=ON&script=0"/> </div> </noscript></div> </div> <div id="flyout-container"></div> <script type="application/json" data-drupal-selector="drupal-settings-json">{"path":{"baseUrl":"\/","pathPrefix":"us\/","currentPath":"node\/103951","currentPathIsAdmin":false,"isFront":false,"currentLanguage":"en"},"pluralDelimiter":"\u0003","suppressDeprecationErrors":true,"ajaxPageState":{"libraries":"eJxlkFFuAzEIRC8Ux6r609tU2Eu8VliwAEfN7etEUdbbfvIGxMw0UCgKbbW4aG9A5_Ym586tJ6q24nIa2GsmjImkHKdgPVnWmnDiirBk7VuyHWZhR_bQoKDOWKfL7BASMM8bFwTviksAM_SJizhquH1OSBGDawUabxhpVwpJGhQJt2HCDoIZ6D2wLJORIlIIw0UOy-vINV4y3I6scpmByivEwZyiSdeMoTpu_7GFUWe-7oI1yJOjd89_9xx_PGShvvGw2r7rxxdHAi59NB0WdMwu-lA20Cu6xK1zXq-VH8wQNK-xe6Xnta-joeiQGFJ65nozEUqgJ7vbCBATGP4CRVbeUw","theme":"particle","theme_token":null},"ajaxTrustedUrl":[],"vwo":{"id":1002484,"timeout_library":2500,"timeout_setting":2000,"usejquery":"false","testnull":null},"pp_i18n":{"language":"us"},"instantsearch":{"indexName":"content","path":"search"},"user":{"uid":0,"permissionsHash":"d2c690dc50aab9a747cb007581c42f03855e8fe2ed922e6706b178b00522f212"}}</script> <script src="/sites/default/files/js/js_Gj7yAqXw15FtY3sC98x-qfVyvWoUB67ErhAqSc0B41o.js?scope=footer&delta=0&language=en&theme=particle&include=eJxNjFEOwjAMQy_EFPHHbaY0mDZam1RZen-YhASf9vPznLveH0adrS6u2J5ISHrc5twHx4F0GsukHWpXd4JDGq3Ufl45GwYo3Xvhj8SRKh0kHvjDXIxLUau_xfd8e3mMN5xAM9U"></script> <script src="https://geoip-js.com/js/apis/geoip2/v2.1/geoip2.js"></script> <script src="/sites/default/files/js/js_dfzxI1kBLIpbsNtAM8XOdI0AdbyzPfJ9AFJNYycoYfA.js?scope=footer&delta=2&language=en&theme=particle&include=eJxNjFEOwjAMQy_EFPHHbaY0mDZam1RZen-YhASf9vPznLveH0adrS6u2J5ISHrc5twHx4F0GsukHWpXd4JDGq3Ufl45GwYo3Xvhj8SRKh0kHvjDXIxLUau_xfd8e3mMN5xAM9U"></script> <script src="//munchkin.marketo.net/munchkin.js"></script> <script src="/sites/default/files/js/js_xbrjVWEwfp9YKnqP1VQiMJvuieVubGQeDbhYBBNXsQ8.js?scope=footer&delta=4&language=en&theme=particle&include=eJxNjFEOwjAMQy_EFPHHbaY0mDZam1RZen-YhASf9vPznLveH0adrS6u2J5ISHrc5twHx4F0GsukHWpXd4JDGq3Ufl45GwYo3Xvhj8SRKh0kHvjDXIxLUau_xfd8e3mMN5xAM9U"></script> <script src="/themes/custom/proofpoint/apps/drupal/../../dist/app-drupal/assets/js/app.js?q=paJroij350g&v=1"></script> <script src="/sites/default/files/js/js_LrBEJxb0kJ-3vhGGaGpr5iEXHcHS7mlydmiXQ2QU81g.js?scope=footer&delta=6&language=en&theme=particle&include=eJxNjFEOwjAMQy_EFPHHbaY0mDZam1RZen-YhASf9vPznLveH0adrS6u2J5ISHrc5twHx4F0GsukHWpXd4JDGq3Ufl45GwYo3Xvhj8SRKh0kHvjDXIxLUau_xfd8e3mMN5xAM9U"></script> <script src="//go.proofpoint.com/js/forms2/js/forms2.min.js"></script> <script type="text/javascript">window.NREUM||(NREUM={});NREUM.info={"beacon":"bam.nr-data.net","licenseKey":"NRJS-dc609d42ed81d429509","applicationID":"981470745","transactionName":"ZAdTbEEEChJRBxFcVl1Nck1AEQsMHwoKUVwdBV1XQBYFE0k=","queueTime":0,"applicationTime":787,"atts":"SEBEGgkeGU0SBUcPQk4f","errorBeacon":"bam.nr-data.net","agent":""}</script> </body> </html>

CINXE.COM

What Is Account Takeover Fraud (ATO)? Prevention & More | Proofpoint US