What is credential stuffing?
Credential stuffing is a type of cyberattack where cybercriminals take large databases of usernames and passwords, often stolen through recent data breaches, and attempt to “stuff” the account logins into other web applications using an automated process. In a credential stuffing attack, the fraudster uses access to consumer accounts to make fraudulent purchases, conduct phishing attacks, and steal information, money, or both. Credential stuffing is especially dangerous for consumers who use the same username and password combinations for more than one account, giving a cyber thief access to all of those accounts at one swipe. Continue reading