Recently, some of the largest businesses in the world have succumbed to cyberattacks. Customers are regularly informed that systems have been breached, and hackers have stolen customer data. Credential stuffing is one of the most common types of cyberattack lately. But what is credential stuffing attack. And how can it be prevented?
Cyberattackers Targeting Australians
Opponents of online casino games often point to the many dangers that could be hiding behind an online slot game. They fear things like money laundering and insufficient technology to monitor player activities. However, online games in regulated markets have proven to allay all of those fears. In fact, regulated online casinos around the world use the most advanced technology to fight everything from addiction to underage gambling, from cheating to money laundering.
Meanwhile, some of the largest businesses in the world have experienced cyberattacks. Credential stuffing is an increasingly common types of cyberattack. It mostly targets music streaming and online video and gaming services sites.
And according to the latest report from Akamai, Australia is the fifth most targeted country in the world for hackers using the credential stuffing technique.
What is a Credential Stuffing Attack?
There are many ways that hackers can breach a website and steal data, and one of the latest forms of cyberattacking is via credential stuffing. Essentially, a hacker injects stolen username and password combinations to gain access to user accounts. And when done in large numbers, information is dumped into a site until usernames and passwords match existing accounts, and those are then hijacked.
Large company data breaches provide the stolen usernames and passwords. That information is then sold on the dark web.
Hackers use account checkers to match stolen credentials against other websites. When they are able to find a match, they then get in and drain those accounts of all personal information, including credit card numbers and identification. Spam and other damaging transactions then keep the attacks going.
The overview of the report noted that there were approximately 30 billion credential stuffing attacks (or attempts) in 2018 around the world. It amounts to hundreds of millions of attacks per day.
Media organisations, entertainment companies, and gaming companies were the most frequently targeted. The likely reason is that people create accounts with these companies to order a subscription or pay for a service. Therefore, their credit card information is almost always available for hacking.
Australians a Primary Target
The sources of stolen information used to conduct a credential stuffing attack are different than the attack destinations. The countries most used for sources of information are:
And those most frequently targeted for credential stuffing attacks are:
What Can Customers Do?
Companies must take their own steps to try to prevent hackers from infiltrating their databases. But customers must also know how to best protect themselves anytime they put personal information online.
According to the report; “Brands should stress the use of unique passwords and password managers to customers and highlight the value of multi-factor authentication.”
Essentially, people who have online accounts, whether with a gaming service or music streaming service, should use a unique username and password for each site on which they have accounts. This prevents the matching system from finding that person’s exact username and password on multiple sites. In other words, people need to begin keeping written logs of all online account information and update/change them regularly. It might just be the safest way to protect personal data.
The report also suggests that people who regularly use internet services should educate themselves on the various types of cyberattacks and what kinds of data is most at risk.
Online Casino Safety
Some online poker and internet casino operators have been targeted by hackers. However, DDOS (distributed denial of service) are the most used form of attacks in the industry. This then overloads a server and stops sites from operating efficiently. Nevertheless, technology used to protect customer data usually helps secure user data.
Even so, it is smart for online casino players to use a username and password that is unique to that online casino account and not used at other online companies. This will help keep players safe from the attacks plaguing so many mainstream companies and customers around the world.