Please fill in the form below to subscribe to our blog

Credential Stuffing Attacks Cause FBI Concern

October 03, 2020
credential stuffing represented by a blue lock on a darker bluw background with semitransparent binary code in pale blue

A Lack of Multifactor Authentication is Cited as a Key Cause for Alarm

The FBI recently released a Private Industry Notification to inform businesses in the financial sector of an increased incidence in credential stuffing attacks that it has been monitoring for the last two years. According to their research, the FBI has determined that 41% of all financial sector attacks between 2017 and 2020 were due to credential stuffing, resulting in the theft of millions of dollars.

Danger is Increasing

As attacks on the financial sector in this vein have ramped up, there’s been a noticeable pattern. FBI researchers cited two big causes for concern that are enabling this increase in attacks and damage: password reuse and a need for more companies to adopt multifactor authentication (MFA).

Credential stuffing attacks powered by Dark Web data like password lists accounted for the greatest volume of security incidents against the financial sector at 41 percent of total incidents from 2017 through 2019, according to a 2020 report. These attacks cost affected businesses an average of $6 million per year, excluding costs associated with the fraud.

Causes for Concern are Obvious

One major risk factor, password reuse, was responsible for tremendous damage. The report goes on to note that nearly 60% of respondents in a recent study reported recycling one or more passwords across multiple accounts, opening those passwords up to easy compromise due to an increase in Dark Web information like password lists.

The recommended mitigation for this risk? Multifactor authentication. MFA adds a crucial layer of protection between a stolen or compromised password and your data and systems. Although criminals may catch a lucky break by obtaining a password from a Dark Web password dump that has been recycled by your staff and used to enter your systems, MFA prevents that password from opening the door.

Adopt This Easy Solution

Passly is the answer for securing your systems and data against credential stuffing attacks. MFA with Passly is fast and easy, with multiple options for authentication code or token delivery, allowing you to choose what’s right for your business.

Passly also offers other protections, like single sign-on LaunchPads to control your access points and secured shared password vaults to add extra protection for sensitive administrator credentials. And you get all of these features and more in one cost-effective solution that seamlessly integrates with over 1,000 applications.

Save Money, Time, and Headaches with Strong Protection

Don’t spend money that you don’t have on solutions that you don’t need to protect your business from the consequences of password compromise through employee reuse and recycling. Choose secure identity and access management with Passly to secure your data and systems – one tool that does everything you need anytime, anywhere at a price you’ll love. SEE A VIDEO OF PASSLY IN ACTION>>

Ransomware 101 eBook

Don’t let your profits get kidnapped by ransomware. Learn how to defend against today’s scariest threat now!