Credential stuffing is a middle step in a multi-stage process: consumer login credentials go from being compromised — through a data breach, keystroke logger malware, or phishing — to being monetized. Cybercriminals use credential stuffing to identify the compromised username/password pairs that are valid on other sites, then sell them on the dark web for fraudulent purchases, gift card theft, reward point draining, PII scraping, and account takeover (ATO).
“24 hours is all it takes a sophisticated fraudster organization to steal, test, and put compromised data out on the dark web markets for sale. Experienced criminals have these steps optimized to maximize the value of the data they’ve acquired.” — Don Bush, myNetWatchman
Most companies only become aware that an account is compromised after a bad actor commits fraud or steals data. By then the consumer is unhappy — they’ll often blame the company even if they share responsibility for reusing passwords. While most consumers will return to a solid brand, they typically shop elsewhere for a while. Some won’t return at all. The company loses future business and customer lifetime value.
Early detection and remediation of compromised credentials can increase a customer’s lifetime value while reducing loss. When done right, account protection has minimal impact on the customer experience and maintains confidence and trust.
The myNetWatchman Solution
Our unique data and web insights allow us to see credential stuffing attacks in action across 1.5 million web domains each month, adding on average 10 million new compromised credential pairs every day to a proprietary data repository of over 35 billion exposed credential pairs.
Web Monitoring continuously monitors an organization’s domains and/or email addresses, detecting credential stuffing attacks and compromised credentials in real time.
Credential Screening takes early detection further: when a customer presents a credential at login or account creation, you’ll know immediately if that credential was ever compromised anywhere — whether a bad actor was targeting your systems or not.
Alerting a company’s fraud prevention system to compromised credentials during account login, rather than discovering the problem at the fraudulent transaction, saves time and money and prevents future losses. The time between a credential stuffing attack and fraudulent purchases is your window to act, even if it’s only 24 hours.
The mechanics of how email became the digital economy’s most consequential vulnerability, the case studies that should have changed everything, and what a continuous intelligence approach actually looks like — all documented in “The Lying Gatekeeper,” a special report from myNetWatchman.