TECH

90% of the traffic generated by authentication on e-commerce websites is done by hackers

In Black Friday's time, there are increasing concerns about online access security, and there are plenty of reasons: there are more and more cybercriminals lurking in the face of opportunities to attack users and use their credentials to buy goods and services from online stores or simply sell them, in the "dark web".According to a study by Shape Security, quoted by the World Economic Forum, online retail stores are the main victims of the attacks, and points out that 90% of the global traffic generated by authentications is of criminal origin. It is explained that hackers use programs to apply stolen data in floods of authentication attempts, a technique dubbed "credential stuffing."In addition to e-commerce sites, airlines, banking and financial services are also victims of this scourge, with around 60% of authentications with criminal origin. The study points out that 3% of the attempts are successful, costing the e-commerce sector around $ 6 billion a year and banks accounting for $ 1.7 billion. Lastly, airlines and hotels account for 700 million losses a year.The study also reveals that, on average, it takes 15 months between the date of theft of the credentials until the day the intrusion is revealed. During this period criminals use the information in attempts to log in to everything that is online service. One of the ways to convert stolen credentials into cash is through the purchase of merchandising, which can then be resold, and even cases of high-priced cheese purchase have been detected online to be resold in restaurants.Experts advise users to change passwords frequently, although they believe that while hackers are more sophisticated at stealing credentials, there have also been major improvements in security systems.



Sapo