Protecting against credential stuffing attacks

Credential Stuffing is an attack where credentials stolen from one or more sites is used at other sites, in the hope that the same credentials were used by users on multiple sites. This post discusses some of the steps consumers and services providers can take to prevent these attacks.

Business email compromise attack

Business Email Compromise (BEC) happens when someone receives an email supposedly from their companies’ CFO, CEO or even their manager asking them to make a payment to a vendor account. In this attack, the person making the payment is socially engineered to make a fraudulent payment.