Credential Stuffing Fills E-commerce Pipeline in 2020
There were 1.3 billion attacks in the third quarter alone, according to new analysis from Arkose Labs.
The pandemic-driven consumer shift to digital commerce has been accompanied by a similar shift to digital fraud. According to new analysis by Arkose Labs, 1.3 billion fraud attacks were committed in the third quarter of 2020, with some 770 million making use of credential-stuffing techniques.
The Arkose report is not the first to note the rise of pandemic-related credential stuffing, but it is the latest to confirm its magnitude. The widespread availability of stolen credentials on the Dark Web makes bot-based credential stuffing attacks much easier and more productive than ever before, accounting for much of the rise in attack numbers, Arkose says.
In addition, e-commerce transaction rates have made every day in 2020 a "Black Friday," with retailers differing widely in their ability to deal with the volume, Arkose says. Hidden among the increased traffic to online retailers, nearly half of all attacks in Q3 originated from Europe, Arkose reports, with over 10 million "sweatshop attacks" -- those using low-cost human attackers to attack systems that resist automated approaches -- coming from Russia and 7 million coming from the United Kingdom.
Read more here.
About the Author
You May Also Like
DevSecOps/AWS
Oct 17, 2024Social Engineering: New Tricks, New Threats, New Defenses
Oct 23, 202410 Emerging Vulnerabilities Every Enterprise Should Know
Oct 30, 2024Simplify Data Security with Automation
Oct 31, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024