For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
HUMAN DashboardHUMAN WebsiteRequest a Demo
Product GuidesEnforcer GuidesMobile SDKAPI ReferenceCustomer support
Product GuidesEnforcer GuidesMobile SDKAPI ReferenceCustomer support
  • Getting Started
    • Overview
    • Best practices
  • Sightline Cyberfraud Defense
    • About Sightline Cyberfraud Defense
    • Getting Started
    • What's different in Sightline Cyberfraud Defense
    • Sensor changelog
    • About the Overview Dashboard
    • Glossary
  • AgenticTrust
    • Getting started with AgenticTrust
    • AI Agents Monitoring Dashboard
    • AI Visitors Overview Dashboard
    • Manage AI Agent Permissions
    • Agentic Activity Priority
    • Agent Trust Levels
  • Account Defender
    • Account Defender Overview
    • Use Cases
    • Prerequisites
    • Getting Started with Account Defender
    • Optimizing Account Defender Detection
    • Validating Account Defender Integration
    • Risk Triggers
    • About Network Events
    • Troubleshooting
  • Bot Defender
    • Bot Defender Overview
    • Detection
    • Bot Defender Policy Settings
    • Footprint
  • Credential Intelligence
    • Credential Intelligence Overview
    • How to Access the Breached Flag
    • Credential Intelligence FAQ
    • Credential Intelligence Dashboard
  • Code Defender
    • Code Defender Introduction
    • Getting Started with Code Defender
    • Code Defender Glossary
    • Website Risk Analyzer
  • Platform
    • Account settings
    • Manage users
    • Role permissions
    • Enforcer configurations
    • Page Type Mapping
  • Client-Side Integration
    • JavaScript tag
    • Improving first page performance
    • Use of cookies & web storage
    • Advanced client integration
LogoLogo
Login
Login
HUMAN DashboardHUMAN WebsiteRequest a Demo
On this page
  • Account Takeover
  • Fake Account Creation
Account Defender

Use Cases

Was this page helpful?
Previous

Prerequisites

Next
Built with

Account Defender protects your online resources from two types of threats.

Account Takeover

An attacker uses credentials (or a stolen token/cookie) to log into a legitimate user’s account.
After logging in, the attacker will try to take control over the account permanently by changing some of the account settings.
Once the attacker has control, they will conduct fraudulent actions.
The flow of actions will likely be as follows:

  1. Login
  2. Change account email
  3. Change account password
  4. Change home address
  5. Disable Multi-Factor Authentication (MFA) or notifications
  6. Perform a fraudulent action (e.g., withdraw funds, purchase items, transfer credits, send spam)
  7. Repeat fraudulent action until the account has no more value

Fake Account Creation

An attacker creates multiple accounts in order to abuse some part of the system.
For every new account, the attacker will perform fraudulent actions to maximize the stolen value.
For example, the attacker may:

  • Download paid content
  • Redeem new user voucher (or free time period)
  • Send spam
  • Post fraudulent action, the account will usually be abandoned