Explore the dynamics of credential theft and account takeovers in this 49-minute conference talk from AppSecUSA 2017. Dive into a unique "victim's POV" research approach that traces attacker activity after compromising 57 fake identities on popular platforms like Google and Facebook over a 6-month period. Discover key insights on takeover timelines, attacker behavior patterns, and security practices employed by hackers. Learn about the phishing ecosystem, research objectives, and the process of creating authentic bait accounts. Analyze findings on access times, password reuse, trap effectiveness, and geographic distribution of attacks. Gain valuable takeaways for CISOs and cybersecurity professionals to enhance defense strategies against sophisticated phishing campaigns and account compromises.