Credential Stuffing Fills E-commerce Pipeline in 2020
There were 1.3 billion attacks in the third quarter alone, according to new analysis from Arkose Labs.
The pandemic-driven consumer shift to digital commerce has been accompanied by a similar shift to digital fraud. According to new analysis by Arkose Labs, 1.3 billion fraud attacks were committed in the third quarter of 2020, with some 770 million making use of credential-stuffing techniques.
The Arkose report is not the first to note the rise of pandemic-related credential stuffing, but it is the latest to confirm its magnitude. The widespread availability of stolen credentials on the Dark Web makes bot-based credential stuffing attacks much easier and more productive than ever before, accounting for much of the rise in attack numbers, Arkose says.
In addition, e-commerce transaction rates have made every day in 2020 a "Black Friday," with retailers differing widely in their ability to deal with the volume, Arkose says. Hidden among the increased traffic to online retailers, nearly half of all attacks in Q3 originated from Europe, Arkose reports, with over 10 million "sweatshop attacks" -- those using low-cost human attackers to attack systems that resist automated approaches -- coming from Russia and 7 million coming from the United Kingdom.
Read more here.
About the Author
You May Also Like
The Dirt on ROT Data
Dec 18, 2024Securing Your Cloud Data Across the Attack Timeline
Jan 15, 2025The Artificial Future Trend Micro Security Predictions for 2025
Jan 16, 2025