Login
Get a Demo
Become a Partner
SOCRadar® Cyber Intelligence Inc. | 91% of E-Commerce Login Traffic is Credential Stuffing Attempts
Table Of Content
Home

Resources

Blog
Kas 24, 2022
2 Mins Read

91% of E-Commerce Login Traffic is Credential Stuffing Attempts

Credential stuffing is a type of cyberattack in which user login information or entire password lists are obtained through theft or leaks and used to log into another service. Weak and reused passwords invite credential stuffing attacks, which rely on using the same compromised password for multiple websites. 

Credential stuffing attacks have become a major concern for e-commerce businesses because they significantly impact them. Especially during the holiday season, when there is an increase in the number of orders and security can lapse, allowing credential stuffing and other types of attacks. 

After all, the holiday season means more phishing campaigns, which means more credentials to stuff. 

Recent Cases of Credential Stuffing 

  • In late July 2022, The North Face fell victim to a credential stuffing attack. Personal and purchase information of almost 195,000 accounts was exposed. 
  • A credential stuffing attack hit General Motors’ online platform and exposed customer information in April 2022. Attackers exchanged customers’ reward points for gift cards

Credential stuffing attacks target users, the weakest link in e-commerce and the entry point for a potentially larger scheme. A single compromised account is sufficient to generate a profit, whereas larger schemes can seriously disrupt business operations.

To learn more about the techniques and impact of credential stuffing attacks, check out our E-Commerce Threat Landscape Report.

What is the Future of Credential Stuffing? 

Cybersecurity researchers discovered 193 billion credential stuffing attacks in 2020 globally, according to Help Net Security.

The graph below shows how much of the login traffic in an industry is perceived as a credential stuffing attempt; the e-commerce industry has the highest percentage, with 91% of traffic merely attackers attempting to login to your account.

credential stuffing
(Source: Statista)

Credential stuffing has quickly outpaced other attack strategies against the e-commerce industry due to the industry’s rapid expansion. As the industry develops, new threats related to it will always surface.

Related Articles
SOCRadar® Cyber Intelligence Inc. | Shedding Light on the Ancient Continent: Insights from Southern Africa
Shedding Light on the Ancient Continent: Insights from Southern Africa
Nis 04, 2024
SOCRadar® Cyber Intelligence Inc. | Unlock the Secrets to Safeguarding Your Digital Frontier: A Sneak Peek into the Singapore Threat Landscape
Unlock the Secrets to Safeguarding Your Digital Frontier: A Sneak Peek into the Singapore Threat Landscape
Mar 25, 2024
SOCRadar® Cyber Intelligence Inc. | Cybersecurity in the Skies: SOCRadar Aviation Industry Threat Landscape Report
Cybersecurity in the Skies: SOCRadar Aviation Industry Threat Landscape Report
Mar 22, 2024
SOCRadar® Cyber Intelligence Inc. | SOCRadar’s Latest Report Illuminates Cyber Threats in Switzerland's Digital Landscape
SOCRadar’s Latest Report Illuminates Cyber Threats in Switzerland's Digital Landscape
Mar 15, 2024
SOCRadar® Cyber Intelligence Inc. | Digital Predators of 2023: Exposing Top Cyber Threat Actors
Digital Predators of 2023: Exposing Top Cyber Threat Actors
Oca 15, 2024