Credential Stuffing: A Threat to Online Platforms and Their Users

Credential stuffing attacks are a cyber attack type in which attackers attempt to use credentials obtained through data leaks and other means on various online platforms. In these attacks, automated scripts are used to try out the credentials at high speed on many of these portals. If credentials are correct, attackers can usually fully access and abuse a legitimate user’s account.

Credential Stuffing: A Threat to Online Platforms and Their Users Image by Freepik

The stolen credentials are often gathered in so-called collections and traded by criminals on the dark and deep web. The content of these collections can be of various origin. In our previous blog article “Dark Web vs. Deep Web - What can you find there? we explain the differences between the everyday Internet, the Deep and Dark Web.

Ursprung von Logindaten für Credential-Stuffing-Angriffe

  1. Leakage of Data from Companies: Almost all online platforms offer their customers the convenience of a customer account, e.g., to make purchases faster and easier in the future. In order to do this, companies store users’ login data in their databases. Due to unintentional misconfiguration, missing security patches or actual hacking attacks, this login data can be accessed and thus be copied and become part of these data collections.
  2. Phishing Attacks: Various methods can be used to trick users of online platforms into revealing their login data to attackers. Often, fake websites are used that can hardly be distinguished from the original at first glance. We have explained further phishing methods in more detail in our blogposts Phishing, What Is It All About? (Part 1) and Phishing, What Is It All About? (Part 2).
  3. Theft of Login Data: Login data can also be stolen directly from users, for example by malware reading it directly on the computer or cell phone and sending it to the attacker. Various methods are used to capture login data. Known in particular are keyloggers, malicious software that records all user entries, and so-called password stealers, software that specifically reads files and data from password managers, e.g. from the Chrome browser.

The motivation behind credential stuffing attacks is usually monetary. Once attackers have access to an account, they can use it for malicious activities such as sending spam or committing commodity fraud. In some cases, attackers can also view sensitive information such as credit card or bank account details from users’ stored account information.

Our next blog post offers an in-depth look at credential stuffing attacks and their impact on users of online platforms.

Reading Time:
2 min
Published:
:
Rene Neff

Contact an Expert

Do you have any further questions or need specific help? Write us a message or arrange a meeting directly.

Show more

  1. Verify Login Credentials to Protect against Credential-Stuffing Attacks

    Verify Login Credentials to Protect against Credential-Stuffing Attacks

    Users to Verify Their Login Credentials to Protect against Credential-Stuffing Attacks Checking credentials against leaked login information is an important safeguard to protect against credential stuffing attacks, as it helps prevent the use of stolen credentials. When users check their credentials on a platform that matches whether the data has been leaked in the past, they can determine whether their credentials may have already fallen into the hands of attackers. If so, they should change their password as soon as possible and, if necessary, consider other security measures such as enabling two-factor authentication.

    Reading Time:
    8 min
    Published:
    :
    Rene Neff
  2. Risks to Users and Operators of Online Platforms from Credential-Stuffing Attacks

    Risks to Users and Operators of Online Platforms from Credential-Stuffing Attacks

    Risks to Users of Online Platforms from Credential-Stuffing Attacks Credential stuffing attacks pose a high risk for users of online platforms. Criminals’ access to online accounts can lead to financial damage, for example when purchasing goods with stolen credit cards or by exploiting access data to paid offers. Credential-stuffing attacks also pose a risk of identity theft, as attackers may have access to personal information and documents when they access an account.

    Reading Time:
    4 min
    Published:
    :
    Rene Neff

Get to the blog