Posted on July 20, 2018 at 6:47 PM
A report has been released by Shape Security as regards credential spills for the year 2018. This report states that about 90% of every single traffic which is generated on e-commerce websites is as a result of hackers making attempts towards credential stuffing.
Credential stuffing is simply the process whereby an attacker makes use of the passwords as well as usernames that are gotten for the purpose of gaining access to the accounts of individuals. A certain program is made use of with a view to trying out some passwords and usernames via mobile apps and websites.
It is statistically proven that an average of about 90% of all login attempts upon e-commerce websites are aimed at credential stuffing. In addition to this, about a sixth of attacks aimed at consumer banks and airlines are also attacks. Furthermore, about 44% of the attempts on hotels are with a view to taking over such accounts.
The mean credential stuffing rate encountered by the retailing outlets is about 0.5%. Based upon a report, there appears to be a gap between when a spill in credential is reported and when it is discovered. A statement by Shape Security indicated that a half of every issue of a credential spill were found out and reported within the initial first month of such compromise.
However, owing to the fact that some spills take quite a while to uncover, it was found out that it took about fifteen whole months from between the time access was gained by an attacker to the exact time the spill was reported back in 2017.
This period is quite vital owing to the fact that the time frame between when the credentials get stolen to when they actually do go public. This leads to an upward climb of the cost as well as the negative effect of the spill.
It is reported that the cybercriminals make attempts to have access to an online platform account by bombarding it using passwords and emails which may have been leaked in previous breaches of data.
The hackers who find a way to access the accounts of users usually make purchases usually buy gift cards as well as electronic gadgets.
The major victims
Shape also reports that the hackers will make use of hacked credentials to access grocery accounts with a view to purchasing high valued cheese and then resell to restaurants for good money.
The report also indicated that certain adult and pornographic websites made no reports of security breaches. However, this could be interpreted as them simply not wanting to come public about it.
What is the end game?
Coupled with lesser data spills occurring, it is also reported that they are now lesser in size also having the information of lesser people exposed.
In order to have a lesser number of people fall prey to these schemes, it is advisable that people follow basic password guideline rules. These rules include but is not limited to regular password changes as well as mixing up of same.