71% of Microsoft Office 365 deployments have suffered an account takeover of a legitimate user’s account, not once, but on average seven times in the last year. Just one in three security professionals believe they could identify and stop account takeover attacks immediately, the majority expect to take days or even weeks to intercept such a breach. Account takeover is replacing phishing as the most common attack vector and MFA defenses are speed bumps not forcefields, Vectra CTO Tim Wade says. Survey also reveals a high level of confidence amongst security teams in the effectiveness of their own security measures.
Source: https://www.helpnetsecurity.com/2021/03/19/account-takeover-attacks/