Credential stuffing is a cyber-attack where fraudsters use large numbers of stolen credentials to log into individuals’ or companies’ accounts. This cyber-attack type is on the rise due to the high number of data breaches in the past years.
A successful credential abuse attack steals the victim’s account and puts the owner’s credit card information as well as in-game assets at risk. Worth noting – veteran players might have thousands of dollars worth of items in their game inventory.
While credential abuse attacks are rarely discussed, data reveals that it is a wide-spread issue. Hackers attacked gamers a staggering 9.83 billion times from July 2018 to June 2020.
Data shows that the top 5 countries are responsible for 49.32% of all fraudulent login attempts to user accounts. The US, Russia, Canada, China, and Germany are responsible for 4.85 billion attacks out of the 9.83 billion intrusion attempts globally.
It appears that most credential abuse originates from the United States. However, it is worth noting that hackers often change their IP addresses when carrying out these attacks. Meaning, the locations provided should be looked at with a grain of salt.
Gamers lose ?
The study asked players what they are most worried about if their account gets hacked. The most common answer was credit card information, with 49.1% of respondents stating it as their biggest concern
The concern of losing in-game assets is valid as a single special weapon can cost hundreds of dollars and, in rare cases, up to thousands of dollars.
You can avoid the devastating financial losses, account takeovers, and emotional distress by following these simple rules:
- Do not reuse passwords.
- Make use of password managers.
- Deploy two-factor authentication (2FA).
- Check if your email was compromised on haveibeenpwned website.