Credential Stuffing Fills E-commerce Pipeline in 2020
There were 1.3 billion attacks in the third quarter alone, according to new analysis from Arkose Labs.
The pandemic-driven consumer shift to digital commerce has been accompanied by a similar shift to digital fraud. According to new analysis by Arkose Labs, 1.3 billion fraud attacks were committed in the third quarter of 2020, with some 770 million making use of credential-stuffing techniques.
The Arkose report is not the first to note the rise of pandemic-related credential stuffing, but it is the latest to confirm its magnitude. The widespread availability of stolen credentials on the Dark Web makes bot-based credential stuffing attacks much easier and more productive than ever before, accounting for much of the rise in attack numbers, Arkose says.
In addition, e-commerce transaction rates have made every day in 2020 a "Black Friday," with retailers differing widely in their ability to deal with the volume, Arkose says. Hidden among the increased traffic to online retailers, nearly half of all attacks in Q3 originated from Europe, Arkose reports, with over 10 million "sweatshop attacks" -- those using low-cost human attackers to attack systems that resist automated approaches -- coming from Russia and 7 million coming from the United Kingdom.
Read more here.
About the Author
You May Also Like
Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024The Unreasonable Effectiveness of Inside Out Attack Surface Management
Dec 4, 2024