Credential Stuffing Fills E-commerce Pipeline in 2020

1 min Read
ecommerce-fraud-arm-out-of-screen-feature

There were 1.3 billion attacks in the third quarter alone, according to new analysis from Arkose Labs.

The pandemic-driven consumer shift to digital commerce has been accompanied by a similar shift to digital fraud. According to new analysis by Arkose Labs, 1.3 billion fraud attacks were committed in the third quarter of 2020, with some 770 million making use of credential-stuffing techniques.

The Arkose report is not the first to note the rise of pandemic-related credential stuffing, but it is the latest to confirm its magnitude. The widespread availability of stolen credentials on the Dark Web makes bot-based credential stuffing attacks much easier and more productive than ever before, accounting for much of the rise in attack numbers, Arkose says.

In addition, e-commerce transaction rates have made every day in 2020 a “Black Friday,” with retailers differing widely in their ability to deal with the volume, Arkose says. Hidden among the increased traffic to online retailers, nearly half of all attacks in Q3 originated from Europe, Arkose reports, with over 10 million “sweatshop attacks” — those using low-cost human attackers to attack systems that resist automated approaches — coming from Russia and 7 million coming from the United Kingdom.

Read more here.

Please read the full article on DarkReading, here.

Share Now

Share on twitter
Share on facebook
Share on linkedin