Account aggregation is a botnet attack that collects the credentials of multiple accounts to be used in another application. The aggregation may be used by a single user to merge data on multiple applications or merge multiple users information in a single application. Common uses are merging social media accounts, email and financial accounts to get a consolidated view of reporting and analytics. Changes can be made to account properties and interacting with the functionality of the application.
Alternate Names and Examples
Aggregator
Client Aggregator
Data Aggregation
Financial Account Aggregator
Potential Symptoms
• Abnormal account information patterns (e.g., geography, time zones) that do not match the user profile
• Higher spikes in activity
• Account credentials are identified via another application