Email Security Blog

Stop Account Take Overs (ATOs) With Stylometry

INKY Quick Share Logo 4-1

If you’ve ever been a victim of identity theft or had a credit card stolen, you probably know what an email account takeover feels like. Not only is it a total invasion of privacy, it can be a costly dilemma for you, your company, and quite possibly, every one of your contacts.

How Does an Account Takeover Happen?

Account takeovers occur when a hacker gets a hold of your login credentials. Maybe they got access to your credentials through a phishing email, or perhaps your email password was overly hackable. Regardless of how the imposter got access to your email account, once they have your information, they can easily log into your accounts and quickly change your User ID and password. From there, they can create some really convincing phishing emails and send them out under your name. They might even come from your company’s email server.

One vital defense in the war against phishing emails (and especially Account Takeovers) is multi-factor authentication. Only 62% of companies use multi-factor authentication, however it’s an easy way to protect your passwords, data, identity and more.1 And while it might be annoying to get an authentication code texted or mailed to you every time you sign into a system, it’s a small price to pay for the addition layer of security. That said, even with multi-factor authentication, you still have to look out for the other guy. That's right, every vendor, friend, relative, or colleague whose email credentials could be compromised could turn you into a victim. All it take is one unsuspecting phishing email from a compromised account.

What Can Happen Once an Account Has Been Taken Over?

The phishing emails that are sent as part of an Account Takeover come in many forms. In fact, new schemes are devised every day. The ultimate goal of an Account Takeover is to trick the account owner's contacts into making costly mistakes.  In ATO situations, cybercriminals have been known to:

  • Access an online banking account
  • Be paid for phony invoices
  • Order goods through a company’s merchant account
  • Unlock corporate records and sensitive data
  • Steal loyalty points
  • Harvest customer data
  • Make unauthorized purchases
  • Extort money from you in exchange for your account credentials

To put this in perspective, in 2022, the FBI’s Internet Crime Complaint Center received 21,832 complaints of compromised emails, totaling more than $2.7 billion in losses.1 Sadly, today’s Secure Email Gateways (SEGs) don’t have the intuition necessary to identify an Account Takeover. That’s because when a hijacker has your email credentials, the phishing email they send comes from their familiar name and even from their server.

How Do You Solve Account Takeover?

In retrospect, we often hear victims saying “Now that I think of it, that email sounded nothing like you.” However, the right email security platform can remind you of that before it's too late. 

Whether you’re a published author or John Doe sending an email, you have a certain style. Your word choices, sentence structure, and even the breadth of your vocabulary are all indicators of who is writing what. That’s stylometry.

Much in the same way a high school teacher can spot a plagiarized term paper from an original, INKY gets to know her users so that she can keep an eye out for anyone trying to impersonate them with a phishing email or Account Takeover. Stylometry is a powerful tool in INKY’s toolbox, providing Account Takeover protection like no one else can.

Get Protected From Account Takeovers

Not all phish are created equal and Account Takeovers are the piranha of the phishing cyber-world. The best way to avoid having them sink their teeth into you or your employees is by adding an advanced level of email phishing prevention to your security platform. INKY not only detects Account Takeovers using stylometry, we also use an unprecedented combination of artificial intelligence, machine learning, and computer vision to stop phishing emails and keep your company safe.

Now is the perfect time to speak with your Managed Service Provider (MSP) about the many benefits of adding INKY to your security stack. If you'd like to learn more about the science behind Stylometry, read our guide entitled, 'Understanding Phishing: Account Takeover'.


INKY is an award-winning, behavioral email security platform that blocks phishing threats, prevents data leaks, and coaches users to make smart decisions. Like a cybersecurity coach, INKY signals suspicious behaviors with interactive email banners that guide users to take safe action on any device or email client. IT teams don’t face the burden of filtering every email themselves or maintaining multiple systems. Through powerful technology and intuitive user engagement, INKY keeps phishers out for good. Learn why so many companies trust the security of their email to INKY. Request an online demonstration today.