{"id":1186,"date":"2018-07-26T00:56:53","date_gmt":"2018-07-25T23:56:53","guid":{"rendered":"https:\/\/globalfraudforensics.com\/fraudxpose\/?p=1186"},"modified":"2018-07-26T00:56:53","modified_gmt":"2018-07-25T23:56:53","slug":"friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers","status":"publish","type":"post","link":"https:\/\/globalfraudforensics.com\/fraudxpose\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\/","title":{"rendered":"Friday FYI: 9 out of 10 of website login attempts? Yeah, that&#8217;ll be hackers"},"content":{"rendered":"<h4>Credential stuffing is rampant \u2013 so try not to reuse the same password on every site, eh?<\/h4>\n<p><span style=\"color: #000000;\">Up to 90 per cent of the average online retailer&#8217;s login traffic is generated by cybercriminals trying their luck with credential stuffing attacks, Shape Security estimated in its latest Credential Spill Report.<\/span><\/p>\n<p><span style=\"color: #000000;\">The biz\u00a0<a style=\"color: #000000;\" href=\"http:\/\/info.shapesecurity.com\/rs\/935-ZAM-778\/images\/Shape_Credential_Spill_Report_2018.pdf?aliId=7269967\" target=\"_blank\" rel=\"nofollow noopener\">crunched the numbers<\/a>\u00a0[PDF] on 51 organizations across a range of global sectors that reported having an eye-watering 2.3 billion credentials snatched by miscreants during 2017. That&#8217;s actually a slightly lower total than the outfit reported in 2016, but still equivalent to an average of 47.5 million credentials per spill.<\/span><\/p>\n<p><span style=\"color: #000000;\">Organizations featured in the report include high-profile names such as Yahoo<i>!<\/i>\u00a0(two billion), Edmodo (77 million), Chinese streaming service Youku (101 million) and Equifax (which affected 145 million personal records yet, surprisingly, only 14,961 logins).<\/span><\/p>\n<p><span style=\"color: #000000;\">The MO for\u00a0<a style=\"color: #000000;\" href=\"https:\/\/www.owasp.org\/index.php\/Credential_stuffing\" target=\"_blank\" rel=\"nofollow noopener\">credential stuffing<\/a>\u00a0is simple \u2013 attackers try passwords stolen from hacked account databases on lots of other websites in the hope they also work.<\/span><\/p>\n<p><span style=\"color: #000000;\">In other words if you use the same email address and password for websites A and B, and A is hacked, the crooks will try to use the stolen login data to access your account on website B. It sounds like a long shot but, Shape estimates, it&#8217;s effective up to three per cent of the time, an excellent rate of return for professional criminals.<\/span><\/p>\n<p><span style=\"color: #000000;\">Database intrusions are be bad enough, however, the larger damage is compounded by the length of time it takes for victims to report that an attack has been successful. Shape found that this now averages 15 months from the moment a password is snatched to the day the hacking is made public, more than enough time for credential stuffers to try logging into other accounts.<\/span><\/p>\n<p><span style=\"color: #000000;\">&#8220;What most people don&#8217;t realise is the domino effect of damage that a single breach is capable of producing,&#8221; said Shape&#8217;s CTO, Shuman Ghosemajumder.<\/span><\/p>\n<h3 class=\"crosshead\"><span style=\"color: #000000;\">Time, time, time<\/span><\/h3>\n<p><span style=\"color: #000000;\">The enemy here is delay, he said. If victims were able to alert one another to a breach soon after it occurred, credential stuffing would lose much of its power.<\/span><\/p>\n<p><span style=\"color: #000000;\">&#8220;To fight back, organizations have started banding together to build a collective defense to be alerted when credentials stolen from one breach are being used to log in to another, effectively blocking attackers attempting to access their platforms with compromised credentials.&#8221;<\/span><\/p>\n<p><span style=\"color: #000000;\">Almost as extraordinary is that companies can see the credential stuffing traffic from failed logins. For example, while all business sectors face a threat from credential stuffing, some see far more attacks than others.<\/span><\/p>\n<p><span style=\"color: #000000;\">Based on Shape&#8217;s own customer analysis, for e-commerce 91 per cent of login traffic was from credential stuffing, while for airlines it was 60 per cent, banking on 58 per cent and hotels 44 per cent.<\/span><\/p>\n<p><span style=\"color: #000000;\">Not surprisingly, losses from credential stuffing fraud are high, reaching $5bn a year in the US alone, as attackers exploit account takeover to buy goods, make in-store payments, or purchase e-gift cards. Personally Identifiable Information (PII) resulting from successful attacks can also be sold on criminal forums.<\/span><\/p>\n<p><span style=\"color: #000000;\">A deeper question is why, given the weak state of credentials, companies don\u2019t adopt better security? Options here include mandatory use of multi-factor authentication (MFA), better detection of credential stuffing and more data sharing.<\/span><\/p>\n<p><span style=\"color: #000000;\">More long-terms solutions include WebAuthn, an emerging standard that would abandon traditional credentials completely in favor of physical and biometric authentication mechanisms. The advantage of that would be that there are no credentials to steal.<\/span><\/p>\n<p><span style=\"color: #000000;\">This might take longer than some realize, note the report&#8217;s authors: &#8220;Companies with high competition are loathe to introduce additional friction into their experience in the form of MFA, lest they lose out on potential revenue.&#8221;<\/span><\/p>\n<p><span style=\"color: #000000;\">By\u00a0<\/span><a class=\"alt_colour dcl\" title=\"Read more by this author\" href=\"https:\/\/www.theregister.co.uk\/Author\/John-E-Dunn\"><span style=\"color: #000000;\">John E Dunn<\/span><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Credential stuffing is rampant \u2013 so try not to reuse the same password on every site, eh? Up to 90 per cent of the average online retailer&#8217;s login traffic is generated by cybercriminals trying their luck with credential stuffing attacks, Shape Security estimated in its latest Credential Spill Report. The biz\u00a0crunched the numbers\u00a0[PDF] on 51 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1187,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[21,23,20],"tags":[],"class_list":["post-1186","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-forensics","category-international","category-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Friday FYI: 9 out of 10 of website login attempts? Yeah, that&#039;ll be hackers - Fraud Xpos\u00e9<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/globalfraudforensics.com\/fraudxpose\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Friday FYI: 9 out of 10 of website login attempts? Yeah, that&#039;ll be hackers - Fraud Xpos\u00e9\" \/>\n<meta property=\"og:description\" content=\"Credential stuffing is rampant \u2013 so try not to reuse the same password on every site, eh? Up to 90 per cent of the average online retailer&#8217;s login traffic is generated by cybercriminals trying their luck with credential stuffing attacks, Shape Security estimated in its latest Credential Spill Report. The biz\u00a0crunched the numbers\u00a0[PDF] on 51 [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/globalfraudforensics.com\/fraudxpose\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\/\" \/>\n<meta property=\"og:site_name\" content=\"Fraud Xpos\u00e9\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/facebook.com\/fraudxpose\/\" \/>\n<meta property=\"article:published_time\" content=\"2018-07-25T23:56:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i1.wp.com\/www.globalfraudforensics.com\/fraudxpose\/wp-content\/uploads\/2018\/07\/pword.jpg?fit=1200%2C794&ssl=1\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"794\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@fraudxposeng\" \/>\n<meta name=\"twitter:site\" content=\"@fraudxposeng\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\\\/\"},\"author\":{\"name\":\"Admin\",\"@id\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/#\\\/schema\\\/person\\\/255e996e9677952491203713922e4698\"},\"headline\":\"Friday FYI: 9 out of 10 of website login attempts? Yeah, that&#8217;ll be hackers\",\"datePublished\":\"2018-07-25T23:56:53+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\\\/\"},\"wordCount\":621,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/globalfraudforensics.com\\\/fraudxpose\\\/wp-content\\\/uploads\\\/2018\\\/07\\\/pword.jpg?fit=1200%2C794&ssl=1\",\"articleSection\":[\"Forensics\",\"International\",\"Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\\\/\",\"url\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\\\/\",\"name\":\"Friday FYI: 9 out of 10 of website login attempts? Yeah, that'll be hackers - Fraud Xpos\u00e9\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/globalfraudforensics.com\\\/fraudxpose\\\/wp-content\\\/uploads\\\/2018\\\/07\\\/pword.jpg?fit=1200%2C794&ssl=1\",\"datePublished\":\"2018-07-25T23:56:53+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/globalfraudforensics.com\\\/fraudxpose\\\/wp-content\\\/uploads\\\/2018\\\/07\\\/pword.jpg?fit=1200%2C794&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/globalfraudforensics.com\\\/fraudxpose\\\/wp-content\\\/uploads\\\/2018\\\/07\\\/pword.jpg?fit=1200%2C794&ssl=1\",\"width\":1200,\"height\":794},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Friday FYI: 9 out of 10 of website login attempts? Yeah, that&#8217;ll be hackers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/#website\",\"url\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/\",\"name\":\"Fraud Xpos\u00e9\",\"description\":\"All you need to know about fraud, forensics, security, compliance and audit issues\",\"publisher\":{\"@id\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/#organization\",\"name\":\"Fraud Xpose\",\"url\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i2.wp.com\\\/www.globalfraudforensics.com\\\/fraudxpose\\\/wp-content\\\/uploads\\\/2018\\\/04\\\/FX-Logo272x147.png?fit=272%2C147&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i2.wp.com\\\/www.globalfraudforensics.com\\\/fraudxpose\\\/wp-content\\\/uploads\\\/2018\\\/04\\\/FX-Logo272x147.png?fit=272%2C147&ssl=1\",\"width\":272,\"height\":147,\"caption\":\"Fraud Xpose\"},\"image\":{\"@id\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/facebook.com\\\/fraudxpose\\\/\",\"https:\\\/\\\/x.com\\\/fraudxposeng\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/#\\\/schema\\\/person\\\/255e996e9677952491203713922e4698\",\"name\":\"Admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/2a180c4da52b1b133d5111c4b29c553c71aaf980f49b51be7704e34acef30cff?s=96&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/2a180c4da52b1b133d5111c4b29c553c71aaf980f49b51be7704e34acef30cff?s=96&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/2a180c4da52b1b133d5111c4b29c553c71aaf980f49b51be7704e34acef30cff?s=96&r=g\",\"caption\":\"Admin\"},\"url\":\"https:\\\/\\\/globalfraudforensics.com\\\/fraudxpose\\\/author\\\/admin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Friday FYI: 9 out of 10 of website login attempts? Yeah, that'll be hackers - Fraud Xpos\u00e9","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/globalfraudforensics.com\/fraudxpose\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\/","og_locale":"en_US","og_type":"article","og_title":"Friday FYI: 9 out of 10 of website login attempts? Yeah, that'll be hackers - Fraud Xpos\u00e9","og_description":"Credential stuffing is rampant \u2013 so try not to reuse the same password on every site, eh? Up to 90 per cent of the average online retailer&#8217;s login traffic is generated by cybercriminals trying their luck with credential stuffing attacks, Shape Security estimated in its latest Credential Spill Report. The biz\u00a0crunched the numbers\u00a0[PDF] on 51 [&hellip;]","og_url":"https:\/\/globalfraudforensics.com\/fraudxpose\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\/","og_site_name":"Fraud Xpos\u00e9","article_publisher":"https:\/\/facebook.com\/fraudxpose\/","article_published_time":"2018-07-25T23:56:53+00:00","og_image":[{"width":1200,"height":794,"url":"https:\/\/i1.wp.com\/www.globalfraudforensics.com\/fraudxpose\/wp-content\/uploads\/2018\/07\/pword.jpg?fit=1200%2C794&ssl=1","type":"image\/jpeg"}],"author":"Admin","twitter_card":"summary_large_image","twitter_creator":"@fraudxposeng","twitter_site":"@fraudxposeng","twitter_misc":{"Written by":"Admin","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/globalfraudforensics.com\/fraudxpose\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\/#article","isPartOf":{"@id":"https:\/\/globalfraudforensics.com\/fraudxpose\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\/"},"author":{"name":"Admin","@id":"https:\/\/globalfraudforensics.com\/fraudxpose\/#\/schema\/person\/255e996e9677952491203713922e4698"},"headline":"Friday FYI: 9 out of 10 of website login attempts? Yeah, that&#8217;ll be hackers","datePublished":"2018-07-25T23:56:53+00:00","mainEntityOfPage":{"@id":"https:\/\/globalfraudforensics.com\/fraudxpose\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\/"},"wordCount":621,"commentCount":0,"publisher":{"@id":"https:\/\/globalfraudforensics.com\/fraudxpose\/#organization"},"image":{"@id":"https:\/\/globalfraudforensics.com\/fraudxpose\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/globalfraudforensics.com\/fraudxpose\/wp-content\/uploads\/2018\/07\/pword.jpg?fit=1200%2C794&ssl=1","articleSection":["Forensics","International","Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/globalfraudforensics.com\/fraudxpose\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/globalfraudforensics.com\/fraudxpose\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\/","url":"https:\/\/globalfraudforensics.com\/fraudxpose\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\/","name":"Friday FYI: 9 out of 10 of website login attempts? Yeah, that'll be hackers - Fraud Xpos\u00e9","isPartOf":{"@id":"https:\/\/globalfraudforensics.com\/fraudxpose\/#website"},"primaryImageOfPage":{"@id":"https:\/\/globalfraudforensics.com\/fraudxpose\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\/#primaryimage"},"image":{"@id":"https:\/\/globalfraudforensics.com\/fraudxpose\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/globalfraudforensics.com\/fraudxpose\/wp-content\/uploads\/2018\/07\/pword.jpg?fit=1200%2C794&ssl=1","datePublished":"2018-07-25T23:56:53+00:00","breadcrumb":{"@id":"https:\/\/globalfraudforensics.com\/fraudxpose\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/globalfraudforensics.com\/fraudxpose\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/globalfraudforensics.com\/fraudxpose\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\/#primaryimage","url":"https:\/\/i0.wp.com\/globalfraudforensics.com\/fraudxpose\/wp-content\/uploads\/2018\/07\/pword.jpg?fit=1200%2C794&ssl=1","contentUrl":"https:\/\/i0.wp.com\/globalfraudforensics.com\/fraudxpose\/wp-content\/uploads\/2018\/07\/pword.jpg?fit=1200%2C794&ssl=1","width":1200,"height":794},{"@type":"BreadcrumbList","@id":"https:\/\/globalfraudforensics.com\/fraudxpose\/friday-fyi-9-out-of-10-of-website-login-attempts-yeah-thatll-be-hackers\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/globalfraudforensics.com\/fraudxpose\/"},{"@type":"ListItem","position":2,"name":"Friday FYI: 9 out of 10 of website login attempts? Yeah, that&#8217;ll be hackers"}]},{"@type":"WebSite","@id":"https:\/\/globalfraudforensics.com\/fraudxpose\/#website","url":"https:\/\/globalfraudforensics.com\/fraudxpose\/","name":"Fraud Xpos\u00e9","description":"All you need to know about fraud, forensics, security, compliance and audit issues","publisher":{"@id":"https:\/\/globalfraudforensics.com\/fraudxpose\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/globalfraudforensics.com\/fraudxpose\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/globalfraudforensics.com\/fraudxpose\/#organization","name":"Fraud Xpose","url":"https:\/\/globalfraudforensics.com\/fraudxpose\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/globalfraudforensics.com\/fraudxpose\/#\/schema\/logo\/image\/","url":"https:\/\/i2.wp.com\/www.globalfraudforensics.com\/fraudxpose\/wp-content\/uploads\/2018\/04\/FX-Logo272x147.png?fit=272%2C147&ssl=1","contentUrl":"https:\/\/i2.wp.com\/www.globalfraudforensics.com\/fraudxpose\/wp-content\/uploads\/2018\/04\/FX-Logo272x147.png?fit=272%2C147&ssl=1","width":272,"height":147,"caption":"Fraud Xpose"},"image":{"@id":"https:\/\/globalfraudforensics.com\/fraudxpose\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/facebook.com\/fraudxpose\/","https:\/\/x.com\/fraudxposeng"]},{"@type":"Person","@id":"https:\/\/globalfraudforensics.com\/fraudxpose\/#\/schema\/person\/255e996e9677952491203713922e4698","name":"Admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/2a180c4da52b1b133d5111c4b29c553c71aaf980f49b51be7704e34acef30cff?s=96&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/2a180c4da52b1b133d5111c4b29c553c71aaf980f49b51be7704e34acef30cff?s=96&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/2a180c4da52b1b133d5111c4b29c553c71aaf980f49b51be7704e34acef30cff?s=96&r=g","caption":"Admin"},"url":"https:\/\/globalfraudforensics.com\/fraudxpose\/author\/admin\/"}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/globalfraudforensics.com\/fraudxpose\/wp-content\/uploads\/2018\/07\/pword.jpg?fit=1200%2C794&ssl=1","uagb_featured_image_src":{"full":["https:\/\/i0.wp.com\/globalfraudforensics.com\/fraudxpose\/wp-content\/uploads\/2018\/07\/pword.jpg?fit=1200%2C794&ssl=1",1200,794,false],"thumbnail":["https:\/\/i0.wp.com\/globalfraudforensics.com\/fraudxpose\/wp-content\/uploads\/2018\/07\/pword.jpg?resize=150%2C150&ssl=1",150,150,true],"medium":["https:\/\/i0.wp.com\/globalfraudforensics.com\/fraudxpose\/wp-content\/uploads\/2018\/07\/pword.jpg?fit=300%2C199&ssl=1",300,199,true],"medium_large":["https:\/\/i0.wp.com\/globalfraudforensics.com\/fraudxpose\/wp-content\/uploads\/2018\/07\/pword.jpg?fit=768%2C508&ssl=1",768,508,true],"large":["https:\/\/i0.wp.com\/globalfraudforensics.com\/fraudxpose\/wp-content\/uploads\/2018\/07\/pword.jpg?fit=1024%2C678&ssl=1",1024,678,true],"1536x1536":["https:\/\/i0.wp.com\/globalfraudforensics.com\/fraudxpose\/wp-content\/uploads\/2018\/07\/pword.jpg?fit=1200%2C794&ssl=1",1200,794,true],"2048x2048":["https:\/\/i0.wp.com\/globalfraudforensics.com\/fraudxpose\/wp-content\/uploads\/2018\/07\/pword.jpg?fit=1200%2C794&ssl=1",1200,794,true]},"uagb_author_info":{"display_name":"Admin","author_link":"https:\/\/globalfraudforensics.com\/fraudxpose\/author\/admin\/"},"uagb_comment_info":0,"uagb_excerpt":"Credential stuffing is rampant \u2013 so try not to reuse the same password on every site, eh? Up to 90 per cent of the average online retailer&#8217;s login traffic is generated by cybercriminals trying their luck with credential stuffing attacks, Shape Security estimated in its latest Credential Spill Report. The biz\u00a0crunched the numbers\u00a0[PDF] on 51&hellip;","jetpack_shortlink":"https:\/\/wp.me\/p9QymB-j8","jetpack_likes_enabled":false,"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/globalfraudforensics.com\/fraudxpose\/wp-json\/wp\/v2\/posts\/1186","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/globalfraudforensics.com\/fraudxpose\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/globalfraudforensics.com\/fraudxpose\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/globalfraudforensics.com\/fraudxpose\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/globalfraudforensics.com\/fraudxpose\/wp-json\/wp\/v2\/comments?post=1186"}],"version-history":[{"count":0,"href":"https:\/\/globalfraudforensics.com\/fraudxpose\/wp-json\/wp\/v2\/posts\/1186\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/globalfraudforensics.com\/fraudxpose\/wp-json\/wp\/v2\/media\/1187"}],"wp:attachment":[{"href":"https:\/\/globalfraudforensics.com\/fraudxpose\/wp-json\/wp\/v2\/media?parent=1186"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/globalfraudforensics.com\/fraudxpose\/wp-json\/wp\/v2\/categories?post=1186"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/globalfraudforensics.com\/fraudxpose\/wp-json\/wp\/v2\/tags?post=1186"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}