The present disclosure relates to user account security for accounts accessible through a communications network. Specifically, the present disclosure relates to preventing unauthorized account access using compromised login credentials.
User login information (for example, a user identifier, a password, a user-specific image, etc.) can be compromised by a malicious party using any of a variety of methods. For example, a malicious party can obtain multiple sets of login information using a fraudulent website masquerading as a legitimate one. These phishing sites prompt users to provide confidential information, such as user names, passwords, account numbers, and the like, in order to collect this information for illegitimate purposes. Another method by which a malicious party can obtain a large collection of login information is through hacking. That is, a hacker can gain unauthorized access to a protected system, thereby acquiring secure user information, including login information (e.g., user identifiers and corresponding passwords), social security numbers, etc. Once acquired, the login information can be used for illegitimate purposes, sold, published, or distributed, thereby disrupting the experience of users and compromising the security of the website as a whole.
While users can be trained to recognize phishing sites and to monitor the integrity of their login information, security breaches can still occur. To limit the effect of a security breach, a website may implement security systems and methods to determine whether a user session is legitimate and whether the user session has been initiated by an unauthorized person using illegitimately obtained login information.