Arkose Records High Volume of Credential Stuffing Attacks

The number of credential stuffing attacks has skyrocketed as digital traffic has increased during the COVID-19 pandemic. The latest findings come courtesy of Arkose Labs, which claims to have stopped 770 million credential stuffing attacks in the third quarter of 2020 alone.

The total number of bot attacks was even higher, coming in at a record 1.3 billion for the quarter. The majority (64 percent) of those attacks targeted the login process, while 85 percent originated from a desktop computer and 49 percent came from somewhere in Europe.

Arkose disclosed those figures in its Q4 Fraud and Abuse Report. The findings are based on actual user activity between July and September, all of which was analyzed in real-time with Arkose’s Fraud and Abuse Prevention Platform. The company noted that the report does not include bot attacks that were not sophisticated enough to generate a user session, so the total number of bots in circulation could be higher than the one reported.

In that regard, Arkose is the latest company to suggest that fraudsters have been trying to take advantage of the increased volume of digital traffic. According to Arkose, many e-commerce companies are now processing Black Friday levels of traffic on a daily basis, which can make it difficult to distinguish fraudsters from legitimate customers for retailers with less sophisticated fraud prevention infrastructure.

Arkose attributed the high volume of credential stuffing attacks to the prevalence of automated tools that can carry out fraudulent attacks at scale, and to the ready availability of personal information and credentials in the wake of numerous high-profile data breaches.

“Fraudsters are continually devising new and more sophisticated ways of carrying out their attacks,” said Akrose Marketing and Strategy VP Vanita Pandey. “The high fraud levels that accompany high traffic volumes are likely here to stay, even after the pandemic ends. It’s crucial that businesses are aware of the top attack trends so that they can be more vigilant.”

While fraudsters displayed a preference for sweatshop attacks in 2019, they have reverted to automated attacks in 2020, a trend that likely reflects the digital COVID environment. Arkose nevertheless detected 10 million sweatshop attacks from Russia and 7 million from the UK in the third quarter of the year.

Partners

FaceTec’s patented, industry-leading 3D Face Verification and Reverification software anchors digital identity, creating a chain of trust from user onboarding to ongoing authentication on all modern smart devices and webcams. FaceTec’s 3D FaceMaps™ finally make trusted, remote identity verification possible. As the only technology backed by a persistent spoof bounty program and NIST/iBeta Certified Liveness Detection, FaceTec is the global standard for 3D Liveness and Face Matching with millions of users on six continents in financial services, border security, transportation, blockchain, e-voting, social networks, online dating and more. www.facetec.com

The Biometric Digital Identity Prism is a market landscape framework designed to help influencers and decision makers understand, innovate, and implement digital identity technologies and solutions. This innovative framework for understanding and evaluating the rapidly evolving biometric digital identity marketplace is the only market model that is truly biometric-centric based on the foundational conviction that in the age of digital transformation the only true, reliable link between humans and their digital data is biometrics. https://www.the-prism-project.com

Mobile ID World is here to bring you the latest in mobile authentication solutions and application providers. Our company is dedicated to providing users with the best content and cutting edge information on technology, news, and mobile solutions for your mobile identity management needs. https://mobileidworld.com

ID R&D combines extensive R&D capabilities with advances in AI to deliver superior biometrics and liveness detection software. Our products work across mobile, web, and telephone channels, as well as conversational interfaces, IoT devices, and embedded hardware to improve security and significantly reduce friction in the user experience. https://www.idrnd.ai

AuthenticID’s disruptive and cutting-edge, AI-driven solution quickly, accurately, and securely reproduces real-world identity verification so that companies can be assured of who they are conducting business with, strengthen underwriting, reduce the losses associated with fraud, and streamline onerous customer onboarding procedures, leading to higher conversion rates. https://www.authenticid.com/

Identity Week aims to be a significant identity industry catalyst. It’s our mission is to help accelerate the move towards a world where trusted identity solutions enable governments and commercial organisations to provide citizens, employees, customers and consumers with a multitude of opportunities to transact in a seamless, yet secure manner. All the while preventing the efforts of those intent on doing harm. https://identityweek.net/

Related News & Articles

Footer

Follow Us