Credential Stuffing is an attack where credentials stolen from one or more sites is used at other sites, in the hope that the same credentials were used by users on multiple sites. This post discusses some of the steps consumers and services providers can take to prevent these attacks.
Business Email Compromise (BEC) happens when someone receives an email supposedly from their companies’ CFO, CEO or even their manager asking them to make a payment to a vendor account. In this attack, the person making the payment is socially engineered to make a fraudulent payment.
Who is responsible for payment fraud? Why customers also need to get involved and cannot just depend on service providers to protect them.