Credential Stuffing Fills E-commerce Pipeline in 2020
There were 1.3 billion attacks in the third quarter alone, according to new analysis from Arkose Labs.
The pandemic-driven consumer shift to digital commerce has been accompanied by a similar shift to digital fraud. According to new analysis by Arkose Labs, 1.3 billion fraud attacks were committed in the third quarter of 2020, with some 770 million making use of credential-stuffing techniques.
The Arkose report is not the first to note the rise of pandemic-related credential stuffing, but it is the latest to confirm its magnitude. The widespread availability of stolen credentials on the Dark Web makes bot-based credential stuffing attacks much easier and more productive than ever before, accounting for much of the rise in attack numbers, Arkose says.
In addition, e-commerce transaction rates have made every day in 2020 a "Black Friday," with retailers differing widely in their ability to deal with the volume, Arkose says. Hidden among the increased traffic to online retailers, nearly half of all attacks in Q3 originated from Europe, Arkose reports, with over 10 million "sweatshop attacks" -- those using low-cost human attackers to attack systems that resist automated approaches -- coming from Russia and 7 million coming from the United Kingdom.
Read more here.
About the Author
You May Also Like
How to Evaluate Hybrid-Cloud Network Policies and Enhance Security
September 18, 2024DORA and PCI DSS 4.0: Scale Your Mainframe Security Strategy Among Evolving Regulations
September 26, 2024Harnessing the Power of Automation to Boost Enterprise Cybersecurity
October 3, 202410 Emerging Vulnerabilities Every Enterprise Should Know
October 30, 2024
State of AI in Cybersecurity: Beyond the Hype
October 30, 2024[Virtual Event] The Essential Guide to Cloud Management
October 17, 2024Black Hat Europe - December 9-12 - Learn More
December 10, 2024SecTor - Canada's IT Security Conference Oct 22-24 - Learn More
October 22, 2024