In an effort to increase awareness about a frightening cybersecurity threat that continues to impact businesses around the globe, Arkose Labs on Monday kicked off the inaugural Credential Stuffing Week. With credential stuffing (also known as password spraying or account takeover), stolen data like usernames, email addresses and passwords are used to break into accounts at a high volume using sophisticated tools. These automated attacks are done at scale, keeping costs low and therefore making credential stuffing a profitable venture for fraudsters.
“As credential stuffing grows in popularity amongst fraudsters, so too does the need to fully understand this type of cyberattack as well as the tools needed to mitigate it, which is why we created Credential Stuffing Week,” said Kevin Gosschalk, co-founder and CEO of Arkose Labs. “Businesses are suffering, and by default so are their customers and clients, as credential stuffing attacks become more common and sophisticated.”
Logins are the most attacked digital touchpoint today, Arkose Labs said. In the first half of 2021, the Arkose Labs network detected and stopped 285 million credential stuffing attacks—29 per cent of all fraud attacks–with spikes upwards of 80 million in a single week. Making matters even more dire, these attacks affect the bottom line, with 46 per cent of businesses reporting that these attacks have led to decreased revenue.
During Credential Stuffing Week and beyond, Arkose Labs is engaging with customers, partners and journalists to ensure that stopping credential stuffing is part of a company’s ongoing fraud strategy. The company believes that businesses deserve greater protection, commitment, and partnership from their security vendors to thwart attackers’ efforts. This is why Arkose Labs backs their Fraud and Abuse Prevention Platform with a warranty against credential stuffing attacks. It offers a commercial guarantee against credential stuffing attacks, covering customers up to $1 million in response expenses including legal consultation, forensic services, notification expenses, identity theft and credit monitoring.
“Through our credential stuffing warranty, we want to show our commitment to customers by sharing a portion of responsibility with regard to attack mitigation,” said Gosschalk.
Additionally, as part of their ongoing efforts to generate awareness beyond Credential Stuffing Week, Arkose Labs will have a presence at next week’s Money20/20 USA conference in Las Vegas. In November, Arkose Labs is hosting the second annual Bankrupting Fraud Virtual Summit, which brings together speakers from companies such as Facebook, Visa, Forrester, Expedia, PayPal, and the United Nations. The summit will feature expert panels, masterclasses and live networking events on Nov. 9-10.