Credential Stuffing 101

WHITEPAPER

How these attacks work, why they persist, and what you can do to prevent them
“As long as there are criminals willing to pay for stolen data and consumers failing to protect themselves, there will be people working to access data that isn’t theirs.”

Like all trends, cyber threats come in waves and credential stuffing attacks are no exception. Their sudden surge in popularity sends cybersecurity teams scrambling to respond to these overwhelming attacks, leaving little room to educate themselves and users on preventive measures, let alone address the underlying concerns that allow them to flourish. Among them:

  • Gigantic troves of stolen user account credentials are widely available for criminals to purchase
  • Consumers of digital services insist on using weak, easy-to-remember passwords for multiple accounts
  • Automated credential stuffing software makes perpetrating these malicious acts fairly easy

Regardless of your industry, credential stuffing is an equal opportunity offender and the implications are very real. In this report, SpyCloud taps its expertise in helping organizations recover exposed credentials to help you understand the anatomy of credential stuffing attacks, why they persist, and what you can do to prevent them.

Solution: Consumer ATO Prevention
Protect your users from account takeover fraud and unauthorized purchases.

The SpyCloud Difference

Truly Actionable Recaptured Data

SpyCloud solutions are backed by the world’s most current and comprehensive repository of recaptured data from breaches, malware infections, and other underground sources – with billions of exposed credentials and PII. It’s the same data that fraudsters use, but we make it actionable to prevent account takeover, ransomware attacks, and online fraud.

Check Your Exposure

See your real-time account takeover exposure details powered by SpyCloud data.

How Credential Stuffing Tools Are Made

WEBINAR

In early 2020, attackers compromised over 160,000 Nintendo accounts via credential stuffing. SpyCloud researchers discovered source code for one account checker tool that was custom-built to help criminals test stolen credentials against Nintendo logins, enabling attackers to access customer accounts and exploit saved payment methods to purchase in-game currency.

With so many people stuck at home, popular consumer services like Nintendo are facing high demand – from both legitimate customers and cybercriminals. Sophisticated crimeware makes it easy for criminals to target these types of organizations in credential stuffing attacks and defraud their customers. To protect consumers from account takeover, enterprises need to take proactive measures.

View this on-demand webinar to learn:

  • How credential stuffing works, from the lifecycle of stolen credentials to the crimeware attackers use to automate account takeover
  • Why stolen accounts that don’t have obvious monetary value can be profitable for cybercriminals
  • How credential stuffing and account takeover fit into the broader criminal economy
  • What your enterprise can do to combat both credential stuffing and more advanced types of account takeover attacks
Solution: Account Takeover Prevention

Reset stolen passwords before criminals can use them to defraud your users or access sensitive corporate data.

Presenter Info

Chip Witt, Vice President of Product Management

Chip Witt has nearly twenty years of diverse technology experience, including product management and operations leadership roles at Hewlett Packard Enterprise, Webroot, VMware, Alcatel, and Appthority. He is currently the VP of Product Management and oversees the Customer Success Program at SpyCloud. Chip works closely with field intelligence teams specializing in OSINT and HUMINT tradecraft, actor attribution and underground monitoring.


Hard Truths About ATO & Strategies To Defend Your Enterprise

WEBINAR

Protecting your enterprise from breaches and account takeovers has never been a bigger challenge. New tools make it possible for even unsophisticated actors to perform advanced, widespread attacks that put your organization at risk. According to the 2019 Verizon Breach Report, stolen credentials are the leading attack vector — yet in a recent study by Symantec, only 7% of respondents rated account takeover as a top threat to their cloud infrastructure.

Regardless of the thoughtful measures and policies you have in place, the hard truth is that no policy can protect you from human behavior. In this webinar, SpyCloud Head of Product Strategy Chip Witt demonstrates how malicious actors take advantage of loopholes in your account takeover prevention plans. For example, your employees may be reusing compromised passwords to access corporate systems or signing up for third-party services like LinkedIn or Fantasy Football using their work credentials.

View this on-demand webinar to learn:

  • The anatomy of an account takeover attack
  • Real-world examples of how employee password reuse can threaten your enterprise
  • Potential holes in your account takeover plan
  • What you can do to strengthen your security posture, including alignment to NIST
Solution: Account Takeover Prevention

Reset stolen passwords before criminals can use them to defraud your users or access sensitive corporate data.

Presenter Info

Chip Witt, Head of Product Strategy

Chip Witt has nearly twenty years of diverse technology experience, including product management and operations leadership roles at Hewlett Packard Enterprise, Webroot, VMware, Alcatel, and Appthority. He is currently the Head of Product Strategy and manages the Customer Success Program at SpyCloud, which provides cloud-based security services to help businesses of all sizes prevent data breaches and account takeover attacks by alerting when employee or company assets have been compromised. Chip works closely with field intelligence teams specializing in OSINT and HUMINT tradecraft, actor attribution and underground monitoring.
