Credential Stuffing 101

WHITEPAPER

How these attacks work, why they persist, and what you can do to prevent them
“As long as there are criminals willing to pay for stolen data and consumers failing to protect themselves, there will be people working to access data that isn’t theirs.”

Like all trends, cyber threats come in waves, and credential stuffing attacks are no exception. Their sudden surge in popularity sends cybersecurity teams scrambling to respond to these overwhelming attacks, leaving little room to educate themselves and their users on preventive measures, let alone to address the underlying conditions that allow the attacks to flourish. Among them:

  • Gigantic troves of stolen user account credentials are widely available for criminals to purchase
  • Consumers of digital services insist on using weak, easy-to-remember passwords for multiple accounts
  • Automated credential stuffing software makes perpetrating these malicious acts fairly easy

Regardless of your industry, credential stuffing is an equal-opportunity offender, and the implications are very real. In this report, SpyCloud draws on its expertise in helping organizations recover exposed credentials to explain the anatomy of credential stuffing attacks, why they persist, and what you can do to prevent them.

The SpyCloud Difference

Truly Actionable Recaptured Data

SpyCloud solutions are backed by the world’s most current and comprehensive repository of recaptured data from breaches, malware infections, and other underground sources – with billions of exposed credentials and PII. It’s the same data that fraudsters use, but we make it actionable to prevent account takeover, ransomware attacks, and online fraud.

Check Your Exposure

See your real-time account takeover exposure details powered by SpyCloud data.

Account Takeover 101

WHITEPAPER

What Is It & What Can You Do to Prevent It?

“Even if you’re familiar with account takeover and think you’re prepared, the truth is it’s a never-ending game of whac-a-mole.”

Account Takeover (ATO) inflicts significant financial harm on businesses and individuals. As a corporate security team, you can’t defend yourself alone, and user habits will continue to put your organization at risk.

Preventing ATO might seem impossible, but vigilance and education offer some of the biggest advantages in beating criminals at their own game. With that in mind, we designed this whitepaper to help you thoroughly understand this ever-evolving threat and take the necessary steps to protect your users and your business.

  • Gain expert-level knowledge of the account takeover timeline
  • Understand user habits that lead to ATO risk and how to mitigate them
  • Know what measures are required to prevent ATO as early as possible

Download Account Takeover 101 [PDF] and see whether you’re doing enough to stop this insidious cyberattack.

The SpyCloud Difference

SpyCloud provides the earliest detection of potentially compromised accounts – those using credentials that have appeared in a third-party breach and are therefore at risk of account takeover. And we automate the remediation of exposed passwords, enabling enterprises to lock down accounts quickly, before damage is done. 

Our goal is to help organizations to protect themselves from criminal activity and disrupt criminals’ ability to profit from stolen data.

Automattic

CASE STUDY

Industry: TECHNOLOGY

Automattic chose SpyCloud to automate the process of detecting account exposures and protecting accounts from takeover.

Challenge

Password reuse is a constant issue that often leads to account takeovers, yet finding exposed credentials was a labor-intensive, manual task that didn’t capture every instance.

Solution

Automattic chose SpyCloud to automate the process of detecting account exposures and protecting customer accounts from a takeover with proactive tools that force an immediate password reset.

Result

With the automated solution, Automattic is protecting millions of people from account takeover and preventing them from reusing exposed passwords for a safer customer experience.

How Automattic Is Protecting Customers Behind The Scenes

Automattic is the company behind one of the most popular online publishing platforms in the world, WordPress.com, but WordPress.com is only one of its products. The company has also developed services such as Jetpack and WooCommerce that give users additional functionality, including ecommerce, website security, backups and anti-spam capabilities. With a motto of “making the web a better place,” Automattic is clearly defining how the internet can empower, inspire and delight.

Today, customer accounts have become a target for cybercriminals who seek to hack accounts to steal identities, data or privileges using stolen credentials. When people reuse passwords across multiple sites and apps, they make themselves highly vulnerable to attacks. Automattic took up the cause to ensure its customers were as secure as its own servers, offering multi-factor authentication and ensuring customers choose strong passwords that have never been exposed on the dark web.

Enhancing the Website Experience

Automattic’s mission is to give people easy access to a platform where they can share data beyond social media accounts. “We believe everyone should have their own place on the web, their own domain they own forever,” says Barry Abrahamson, CTO at Automattic. “While affordable, we give them inventive tools to make it unique, interactive and highly functional.”

What was once primarily a blogger’s paradise, WordPress.com has expanded to give businesses of all sizes across the globe a place to connect with an audience in ways never before possible. “Protecting our customers from account takeover is something we view as our responsibility,” says Abrahamson. “Many people may not realize the risk of reusing passwords across multiple accounts. Our goal is to both educate our users and protect their WordPress.com site as much as we can from all forms of attacks. We do all of the work behind the scenes so customers can just enjoy their site and the freedom it brings to express themselves.”

Automattic is unique in that it doesn’t charge extra for the many security features embedded in its products. Everything is included in the platform because the company believes at its core that those features are too important to leave to chance. A secure presence on the internet is a basic right, not an opportunity to nickel and dime customers. To Automattic, denial-of-service protection, SSL, web application firewalls and account takeover prevention are features as important as any basic product functionality, maybe more.

“Our idea behind security is to provide best-in-class security features and functionality to all customers in a transparent, no-hassle way, whether they ask for it or are completely oblivious to its necessity,” says Abrahamson. “We ensure when we implement something, we make the default version as secure as technically possible. Security features are automatically enabled, without requiring the user to turn on a feature, so we know our customers are protected from bad people who want to cause harm.”

Proactively Preventing Account Takeover

Account takeover has come front and center in the past few years. According to Verizon, stolen credentials top the list of breach methods, largely because nearly 60 percent of people admit to reusing passwords across multiple accounts. Automattic believes it can be more effective in protecting its millions of customers by embedding security solutions into its products.

One such solution is SpyCloud, which Automattic chose to automate the detection of account exposures and to protect accounts from takeover with proactive tools that force an immediate password reset. “Account compromise due to password reuse has become a larger problem over the years,” says Abrahamson.

“We found ourselves spending more of our time searching the dark web for these password lists and then going through manually comparing the list with our customer list, then proactively resetting their passwords. It was a huge time commitment. Now that we have an automated solution, we can protect hundreds of millions of people and prevent them from choosing passwords that have already been exposed.”

Plenty has changed since Automattic was founded, yet the company has the foundation in place to stay nimble to whatever comes next. Automattic continues to build tooling and algorithms internally that detect, block, alert and notify. “We will invest in security measures that are proven to bring value to our products by providing a safe environment for our customers,” he says. “Security will always be at the top of our priority list because it’s our responsibility to take care of our customers who trust us.”

About Barry Abrahamson

Chief Technology Officer may be on Barry Abrahamson’s resume, but Automattic insiders prefer to call him Systems Wrangler. Abrahamson knows technology. He was one of the original hires at Automattic and, for more than 12 years, has worn plenty of hats. He is responsible for all of the technology and implementations at Automattic, including servers, data centers and security, as well as for improving performance and security insights. Before joining Automattic, Abrahamson was a senior account manager at Rackspace Managed Hosting.

Understanding the Latest NIST Password Guidelines

WHITEPAPER

Security Meets Usability

Over the years, security professionals have learned surprising lessons about how password policies affect user behavior. Faced with complicated password requirements and hundreds of online accounts to keep track of, people often take dangerous shortcuts—and criminals benefit.

To help organizations mitigate the risk posed by users’ bad password habits, the National Institute of Standards and Technology (NIST) designed a set of password guidelines that balance security and usability. The updated guidance abandons the long-held philosophy that passwords must be long and complex. Instead, the new guidelines recommend that passwords should be “easy to remember” but “hard to guess.” According to NIST, usability and security go hand in hand.

Read this white paper to understand what NIST’s guidance means for your organization, including:

  • Why NIST has abandoned popular password complexity requirements
  • What’s special about new authenticator guidelines
  • How NIST approaches biometrics (hint: they’re not enough on their own)
  • What organizations can do to mitigate the risk caused by users’ bad habits
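The NIST rules summarised above, and the exposure-matching workflow Abrahamson describes in the Automattic case study (compare leaked lists against the customer base, then force a reset), as an added Python example that is not part of this page, SpyCloud’s product or Automattic’s code. The exposed-password corpus, the PBKDF2 stand-in for the stored password hash, and the customer and breach records are all constructed assumptions.

```python
import hashlib
import hmac
import re

# Constructed exposed-password corpus (invented values, not SpyCloud data), kept as SHA-1 digests.
EXPOSED_SHA1 = {hashlib.sha1(p.encode()).hexdigest()
                for p in ("password123", "qwerty123", "letmein!", "Summer2019!")}

def _is_sequential(s: str) -> bool:
    """True for runs such as 'abcdefgh' or '87654321' (every step is +1, or every step is -1)."""
    steps = {ord(b) - ord(a) for a, b in zip(s, s[1:])}
    return steps == {1} or steps == {-1}

def nist_password_check(password: str, username: str = "", exposed=EXPOSED_SHA1):
    """(accepted, reason) per the SP 800-63B memorized-secret rules: minimum 8 characters, no
    composition rules, and rejection of exposed, context-specific, repetitive or sequential values."""
    if len(password) < 8:
        return False, "shorter than the NIST minimum of 8 characters"
    if hashlib.sha1(password.encode()).hexdigest() in exposed:
        return False, "appears in the exposed-password corpus"
    if username and username.lower() in password.lower():
        return False, "contains the username"
    if re.search(r"(.)\1{3,}", password):
        return False, "repetitive characters"
    if _is_sequential(password.lower()):
        return False, "sequential characters"
    return True, "accepted"

def store_password(password: str, salt: bytes) -> bytes:
    """Stand-in for the verifier's stored hash (use bcrypt or argon2 in production)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def accounts_to_reset(customers: dict, breach_records) -> set:
    """Case-study workflow: for each leaked (username, plaintext) pair that names one of our
    customers, verify the leaked value against the stored salted hash; a match means the
    customer reused the exposed password and gets a forced reset."""
    hits = set()
    for user, leaked_pw in breach_records:
        rec = customers.get(user.lower())   # customers: lowercase username -> {salt, hash}
        if rec and hmac.compare_digest(store_password(leaked_pw, rec["salt"]), rec["hash"]):
            hits.add(user.lower())
    return hits

# Constructed sample data: two customers, one of whom reused a password that later leaked.
CUSTOMERS = {
    "alice": {"salt": b"salt-a", "hash": store_password("correct horse battery", b"salt-a")},
    "bob": {"salt": b"salt-b", "hash": store_password("Summer2019!", b"salt-b")},
}
BREACH = [("Bob", "Summer2019!"), ("alice", "password123"), ("carol", "qwerty123")]
```

Note that the salted, slow hash is what makes the intersection safe to run: a leaked password can only be confirmed by verifying it against that one user's stored hash, never by bulk-comparing unsalted digests.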
