Have you heard the phase ’Credential stuffing’? No? well this is a method that cybercriminals use to infiltrate and breach systems, anything from PayPal, Netflix, Amazon, the list is endless. The cyberattacker has lists of compromised users account details i.e sign in details/passwords. There will be hundreds of thousands of stolen identities on the lists, gained from places like the Dark web.
The attackers will then use these lists using special software & powerful computers to work at cyber speed, processing the stolen I Ds against thousands of Online services. It’s a game of chance, but with the number of compromised identities, the cyber-speed used and the vast amount of online services available, the gamble will pay off.
A New York attorney general has tried to put a figure on the amount of stolen credentials, with her focus on the U.S, and her investigation found the more than 15 billion stolen credentials are now in circulation!
Industry have stated that the success rate figure with hackers using ‘credential stuffing’ is between 1-3%
This seems a low figure, but if you take the amount of stolen credentials on the lists, that is still a minimum of 150 million people who have had their accounts hacked.
One of the biggest aids to this sort of cyberattack, and one that we are all guilty of, is using the same password for each of our online account/services. Clearly, once our password/login details are compromised and on ‘the lists’ we then open the door to all our other accounts, makes it much easier for the criminals and they rely on this.
Let’s start the New Year by trying to lower the odds of being hacked. Start by changing passwords so you are not using the same login details on all your sites/accounts/services. Password Managers are there to help you, they allow you to store, generate and manage all your passwords in one place, you only have to remember one password to log in to it. Couldn’t be simpler.
The Norton 360 range all come with Password Manager, check out our deals at: